Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-28935
Vulnerability from cvelistv5
Vendor | Product | Version | |||||
---|---|---|---|---|---|---|---|
▼ | NLnet Labs | Unbound |
Version: <= 1.12.0 |
||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:48:00.719Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt" }, { "tags": [ "x_transferred" ], "url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt" }, { "name": "GLSA-202101-38", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-38" }, { "name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Unbound", "vendor": "NLnet Labs", "versions": [ { "status": "affected", "version": "\u003c= 1.12.0" } ] }, { "product": "NSD", "vendor": "NLnet Labs", "versions": [ { "status": "affected", "version": "\u003c= 4.3.3" } ] } ], "credits": [ { "lang": "en", "value": "We would like to thank Mason Loring Bliss for bringing the issue to our attention." } ], "datePublic": "2020-12-01T00:00:00", "descriptions": [ { "lang": "en", "value": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-29T00:00:00", "orgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6", "shortName": "NLnet Labs" }, "references": [ { "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt" }, { "url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt" }, { "name": "GLSA-202101-38", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202101-38" }, { "name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ], "title": "Local symlink attack in Unbound and NSD" } }, "cveMetadata": { "assignerOrgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6", "assignerShortName": "NLnet Labs", "cveId": "CVE-2020-28935", "datePublished": "2020-12-07T21:46:47.878342Z", "dateReserved": "2020-11-18T00:00:00", "dateUpdated": "2024-09-16T23:27:01.127Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-28935\",\"sourceIdentifier\":\"sep@nlnetlabs.nl\",\"published\":\"2020-12-07T22:15:20.853\",\"lastModified\":\"2024-11-21T05:23:19.620\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.\"},{\"lang\":\"es\",\"value\":\"NLnet Labs Unbound, hasta la versi\u00f3n 1.12.0 incluy\u00e9ndola, y NLnet Labs NSD, hasta la versi\u00f3n 4.3.3 incluy\u00e9ndola, contienen una vulnerabilidad local que permitir\u00eda un ataque de tipo symlink local. Al escribir el archivo PID, Unbound y NSD crean el archivo si no est\u00e1 all\u00ed, o abren un archivo existente para escribir. En caso de que el archivo ya existiera, seguir\u00edan enlaces simb\u00f3licos si el archivo fuera un enlace simb\u00f3lico en lugar de un archivo normal. Luego, se llevar\u00eda a cabo una copia adicional del archivo despu\u00e9s de que se escribi\u00f3, lo que har\u00eda que el usuario Unbound/NSD se ejecute como el nuevo propietario del archivo. Si un atacante tiene acceso local al usuario con el que se ejecuta Unbound/NSD, podr\u00eda crear un enlace simb\u00f3lico en lugar del archivo PID que apunta hacia un archivo que le gustar\u00eda borrar. Si luego Unbound/NSD es eliminado y el archivo PID no se borra, al reiniciar con privilegios root, Unbound/NSD reescribir\u00e1 cualquier archivo apuntado por el enlace simb\u00f3lico. Esta es una vulnerabilidad local que podr\u00eda crear una Denegaci\u00f3n de Servicio del sistema en el que se ejecuta Unbound/NSD. Requiere que un atacante tenga acceso al usuario de permiso limitado que se ejecuta como Unbound/NSD y apunta por medio del enlace simb\u00f3lico a un archivo cr\u00edtico en el sistema\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sep@nlnetlabs.nl\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nlnetlabs:name_server_daemon:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.3.4\",\"matchCriteriaId\":\"2999AD3A-4E86-4E7F-94DC-7972AF046056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.13.0\",\"matchCriteriaId\":\"B5033957-63F8-4F49-A451-96BEF9644520\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html\",\"source\":\"sep@nlnetlabs.nl\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html\",\"source\":\"sep@nlnetlabs.nl\"},{\"url\":\"https://security.gentoo.org/glsa/202101-38\",\"source\":\"sep@nlnetlabs.nl\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt\",\"source\":\"sep@nlnetlabs.nl\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt\",\"source\":\"sep@nlnetlabs.nl\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/202101-38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
ghsa-q92f-7cwj-w4w5
Vulnerability from github
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.
{ "affected": [], "aliases": [ "CVE-2020-28935" ], "database_specific": { "cwe_ids": [ "CWE-59" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-12-07T22:15:00Z", "severity": "MODERATE" }, "details": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.", "id": "GHSA-q92f-7cwj-w4w5", "modified": "2022-10-12T19:00:39Z", "published": "2022-05-24T17:35:44Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28935" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202101-38" }, { "type": "WEB", "url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt" }, { "type": "WEB", "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
gsd-2020-28935
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2020-28935", "description": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.", "id": "GSD-2020-28935", "references": [ "https://www.suse.com/security/cve/CVE-2020-28935.html", "https://access.redhat.com/errata/RHSA-2022:0632", "https://access.redhat.com/errata/RHSA-2021:1853", "https://ubuntu.com/security/CVE-2020-28935", "https://advisories.mageia.org/CVE-2020-28935.html", "https://security.archlinux.org/CVE-2020-28935", "https://linux.oracle.com/cve/CVE-2020-28935.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-28935" ], "details": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.", "id": "GSD-2020-28935", "modified": "2023-12-13T01:22:01.773276Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "sep@nlnetlabs.nl", "DATE_PUBLIC": "2020-12-01T00:00:00.000Z", "ID": "CVE-2020-28935", "STATE": "PUBLIC", "TITLE": "Local symlink attack in Unbound and NSD" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Unbound", "version": { "version_data": [ { "version_value": "\u003c= 1.12.0" } ] } }, { "product_name": "NSD", "version": { "version_data": [ { "version_value": "\u003c= 4.3.3" } ] } } ] }, "vendor_name": "NLnet Labs" } ] } }, "credit": [ { "lang": "eng", "value": "We would like to thank Mason Loring Bliss for bringing the issue to our attention." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt", "refsource": "CONFIRM", "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt" }, { "name": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt", "refsource": "CONFIRM", "url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt" }, { "name": "GLSA-202101-38", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202101-38" }, { "name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.13.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:nlnetlabs:name_server_daemon:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.3.4", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "sep@nlnetlabs.nl", "ID": "CVE-2020-28935" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-59" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt" }, { "name": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt" }, { "name": "GLSA-202101-38", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202101-38" }, { "name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html" }, { "name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update", "refsource": "MLIST", "tags": [], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } }, "lastModifiedDate": "2023-03-29T15:15Z", "publishedDate": "2020-12-07T22:15Z" } } }
rhsa-2021_1853
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for unbound is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: integer overflow in the regional allocator via regional_alloc (CVE-2019-25032)\n\n* unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write (CVE-2019-25034)\n\n* unbound: out-of-bounds write in sldns_bget_token_par (CVE-2019-25035)\n\n* unbound: assertion failure and denial of service in synth_cname (CVE-2019-25036)\n\n* unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet (CVE-2019-25037)\n\n* unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c (CVE-2019-25038)\n\n* unbound: integer overflow in a size calculation in respip/respip.c (CVE-2019-25039)\n\n* unbound: infinite loop via a compressed name in dname_pkt_copy (CVE-2019-25040)\n\n* unbound: assertion failure via a compressed name in dname_pkt_copy (CVE-2019-25041)\n\n* unbound: out-of-bounds write via a compressed name in rdata_copy (CVE-2019-25042)\n\n* unbound: symbolic link traversal when writing PID file (CVE-2020-28935)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:1853", "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/" }, { "category": "external", "summary": "1714175", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714175" }, { "category": "external", "summary": "1842837", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842837" }, { "category": "external", "summary": "1850460", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850460" }, { "category": "external", "summary": "1878761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "category": "external", "summary": "1954772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "category": "external", "summary": "1954778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "category": "external", "summary": "1954780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "category": "external", "summary": "1954782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "category": "external", "summary": "1954794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "category": "external", "summary": "1954796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "category": "external", "summary": "1954797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "category": "external", "summary": "1954799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "category": "external", "summary": "1954801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "category": "external", "summary": "1954804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1853.json" } ], "title": "Red Hat Security Advisory: unbound security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-22T16:05:51+00:00", "generator": { "date": "2024-11-22T16:05:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:1853", "initial_release_date": "2021-05-18T14:39:25+00:00", "revision_history": [ { "date": "2021-05-18T14:39:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-05-18T14:39:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T16:05:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-15.el8.s390x", "product": { "name": "python3-unbound-0:1.7.3-15.el8.s390x", "product_id": "python3-unbound-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-0:1.7.3-15.el8.s390x", "product_id": "unbound-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-devel-0:1.7.3-15.el8.s390x", "product_id": "unbound-devel-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-libs-0:1.7.3-15.el8.s390x", "product_id": "unbound-libs-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-debugsource-0:1.7.3-15.el8.s390x", "product_id": "unbound-debugsource-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-debuginfo-0:1.7.3-15.el8.s390x", "product_id": "unbound-debuginfo-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8?arch=s390x" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-15.el8.x86_64", "product": { "name": "python3-unbound-0:1.7.3-15.el8.x86_64", "product_id": "python3-unbound-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-0:1.7.3-15.el8.x86_64", "product_id": "unbound-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-devel-0:1.7.3-15.el8.x86_64", "product_id": "unbound-devel-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-libs-0:1.7.3-15.el8.x86_64", "product_id": "unbound-libs-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-debugsource-0:1.7.3-15.el8.x86_64", "product_id": "unbound-debugsource-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product_id": "unbound-debuginfo-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64", "product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "unbound-devel-0:1.7.3-15.el8.i686", "product": { "name": "unbound-devel-0:1.7.3-15.el8.i686", "product_id": "unbound-devel-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8?arch=i686" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-15.el8.i686", "product": { "name": "unbound-libs-0:1.7.3-15.el8.i686", "product_id": "unbound-libs-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8?arch=i686" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-15.el8.i686", "product": { "name": "unbound-debugsource-0:1.7.3-15.el8.i686", "product_id": "unbound-debugsource-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8?arch=i686" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-15.el8.i686", "product": { "name": "unbound-debuginfo-0:1.7.3-15.el8.i686", "product_id": "unbound-debuginfo-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8?arch=i686" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-15.el8.ppc64le", "product": { "name": "python3-unbound-0:1.7.3-15.el8.ppc64le", "product_id": "python3-unbound-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-devel-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-devel-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-libs-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-libs-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-debugsource-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-debugsource-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-15.el8.aarch64", "product": { "name": "python3-unbound-0:1.7.3-15.el8.aarch64", "product_id": "python3-unbound-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-0:1.7.3-15.el8.aarch64", "product_id": "unbound-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-devel-0:1.7.3-15.el8.aarch64", "product_id": "unbound-devel-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-libs-0:1.7.3-15.el8.aarch64", "product_id": "unbound-libs-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-debugsource-0:1.7.3-15.el8.aarch64", "product_id": "unbound-debugsource-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product_id": "python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product_id": "unbound-debuginfo-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-15.el8?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "product_id": "unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-15.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "unbound-0:1.7.3-15.el8.src", "product": { "name": "unbound-0:1.7.3-15.el8.src", "product_id": "unbound-0:1.7.3-15.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-15.el8?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64" }, "product_reference": "python3-unbound-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le" }, "product_reference": "python3-unbound-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x" }, "product_reference": "python3-unbound-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64" }, "product_reference": "python3-unbound-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-15.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src" }, "product_reference": "unbound-0:1.7.3-15.el8.src", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-debuginfo-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686" }, "product_reference": "unbound-debuginfo-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-debuginfo-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-debuginfo-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-debugsource-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686" }, "product_reference": "unbound-debugsource-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-debugsource-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-debugsource-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-debugsource-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-devel-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686" }, "product_reference": "unbound-devel-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-devel-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-devel-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-devel-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-libs-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686" }, "product_reference": "unbound-libs-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-libs-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-libs-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-libs-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-25032", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954772" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in regional_alloc function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker and can be big enough. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in the regional allocator via regional_alloc", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the buffer overflow can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25032" }, { "category": "external", "summary": "RHBZ#1954772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25032", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25032" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25032", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25032" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in the regional allocator via regional_alloc" }, { "cve": "CVE-2019-25034", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954778" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in the sldns_str2wire_dname_buf_origin function may lead to a buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the buffer overflow can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25034" }, { "category": "external", "summary": "RHBZ#1954778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25034", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25034" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25034", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25034" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write" }, { "cve": "CVE-2019-25035", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954780" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An out-of-bounds write in the sldns_bget_token_par function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: out-of-bounds write in sldns_bget_token_par", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the out-of-bounds write can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25035" }, { "category": "external", "summary": "RHBZ#1954780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25035", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25035" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25035", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25035" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: out-of-bounds write in sldns_bget_token_par" }, { "cve": "CVE-2019-25036", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954782" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the synth_cname function can be triggered by sending invalid packets to the server. If asserts are disabled during compilation, this issue might lead to an out-of-bounds write in dname_pkt_copy function. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure and denial of service in synth_cname", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue could not be triggered by running unbound regularly, but only by injecting the packet directly to the vulnerable function through fuzzing. For this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25036" }, { "category": "external", "summary": "RHBZ#1954782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25036", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25036" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25036", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25036" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure and denial of service in synth_cname" }, { "cve": "CVE-2019-25037", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954794" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the dname_pkt_copy function can be triggered by sending invalid packets to the server. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet", "title": "Vulnerability summary" }, { "category": "other", "text": "Upstream has disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25037" }, { "category": "external", "summary": "RHBZ#1954794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25037", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25037" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25037", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25037" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet" }, { "cve": "CVE-2019-25038", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954796" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in dnsc_load_local_data function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the integer overflow can lead to a buffer overflow in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25038" }, { "category": "external", "summary": "RHBZ#1954796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25038", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25038" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25038", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25038" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c" }, { "cve": "CVE-2019-25039", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954797" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in ub_packed_rrset_key function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in a size calculation in respip/respip.c", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the integer overflow can lead to a buffer overflow in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25039" }, { "category": "external", "summary": "RHBZ#1954797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25039", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25039" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25039", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25039" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in a size calculation in respip/respip.c" }, { "cve": "CVE-2019-25040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954799" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An infinite loop in dname_pkt_copy function could be triggered by a remote attacker. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: infinite loop via a compressed name in dname_pkt_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the infinite loop can be triggered in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25040" }, { "category": "external", "summary": "RHBZ#1954799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25040", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25040" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: infinite loop via a compressed name in dname_pkt_copy" }, { "cve": "CVE-2019-25041", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954801" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the dname_pkt_copy function can be triggered through compressed names. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure via a compressed name in dname_pkt_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "According to the original report there are checks happening before the affected function that make this not exploitable. For these reasons its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25041" }, { "category": "external", "summary": "RHBZ#1954801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25041", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25041" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure via a compressed name in dname_pkt_copy" }, { "cve": "CVE-2019-25042", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954804" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An out-of-bounds write in the rdata_copy function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: out-of-bounds write via a compressed name in rdata_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "According to the original report there are checks happening before the affected function that make this not exploitable. For these reasons its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25042" }, { "category": "external", "summary": "RHBZ#1954804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25042", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25042" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: out-of-bounds write via a compressed name in rdata_copy" }, { "acknowledgments": [ { "names": [ "Mason Loring Bliss" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-28935", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "discovery_date": "2020-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1878761" } ], "notes": [ { "category": "description", "text": "A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying the original content. The highest threat from this vulnerability is integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: symbolic link traversal when writing PID file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28935" }, { "category": "external", "summary": "RHBZ#1878761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28935" } ], "release_date": "2020-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T14:39:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1853" }, { "category": "workaround", "details": "If SELinux is enabled in Enforcing mode (the default value in Red Hat Enterprise Linux 8), this kind of attack is prevented as unbound would be blocked from accessing the symbolic link file.", "product_ids": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:python3-unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.src", "AppStream-8.4.0.GA:unbound-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debuginfo-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-debugsource-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-devel-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-0:1.7.3-15.el8.x86_64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.aarch64", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.i686", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.ppc64le", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.s390x", "AppStream-8.4.0.GA:unbound-libs-debuginfo-0:1.7.3-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "unbound: symbolic link traversal when writing PID file" } ] }
rhsa-2022_0632
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for unbound is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. \n\nSecurity Fix(es):\n\n* unbound: integer overflow in the regional allocator via regional_alloc (CVE-2019-25032)\n\n* unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write (CVE-2019-25034)\n\n* unbound: out-of-bounds write in sldns_bget_token_par (CVE-2019-25035)\n\n* unbound: assertion failure and denial of service in synth_cname (CVE-2019-25036)\n\n* unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet (CVE-2019-25037)\n\n* unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c (CVE-2019-25038)\n\n* unbound: integer overflow in a size calculation in respip/respip.c (CVE-2019-25039)\n\n* unbound: infinite loop via a compressed name in dname_pkt_copy (CVE-2019-25040)\n\n* unbound: assertion failure via a compressed name in dname_pkt_copy (CVE-2019-25041)\n\n* unbound: out-of-bounds write via a compressed name in rdata_copy (CVE-2019-25042)\n\n* unbound: symbolic link traversal when writing PID file (CVE-2020-28935)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2022:0632", "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1878761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "category": "external", "summary": "1954772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "category": "external", "summary": "1954778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "category": "external", "summary": "1954780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "category": "external", "summary": "1954782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "category": "external", "summary": "1954794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "category": "external", "summary": "1954796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "category": "external", "summary": "1954797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "category": "external", "summary": "1954799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "category": "external", "summary": "1954801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "category": "external", "summary": "1954804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_0632.json" } ], "title": "Red Hat Security Advisory: unbound security update", "tracking": { "current_release_date": "2024-11-22T16:05:59+00:00", "generator": { "date": "2024-11-22T16:05:59+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2022:0632", "initial_release_date": "2022-02-22T15:16:51+00:00", "revision_history": [ { "date": "2022-02-22T15:16:51+00:00", "number": "1", "summary": "Initial version" }, { "date": "2022-02-22T15:16:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T16:05:59+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.2::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-12.el8_2.aarch64", "product": { "name": "python3-unbound-0:1.7.3-12.el8_2.aarch64", "product_id": "python3-unbound-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-devel-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-devel-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-libs-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-libs-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "python3-unbound-0:1.7.3-12.el8_2.ppc64le", "product_id": "python3-unbound-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-devel-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-devel-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-libs-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-libs-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-12.el8_2.x86_64", "product": { "name": "python3-unbound-0:1.7.3-12.el8_2.x86_64", "product_id": "python3-unbound-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-devel-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-devel-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-libs-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-libs-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "unbound-devel-0:1.7.3-12.el8_2.i686", "product": { "name": "unbound-devel-0:1.7.3-12.el8_2.i686", "product_id": "unbound-devel-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2?arch=i686" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-12.el8_2.i686", "product": { "name": "unbound-libs-0:1.7.3-12.el8_2.i686", "product_id": "unbound-libs-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2?arch=i686" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-12.el8_2.i686", "product": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.i686", "product_id": "unbound-debugsource-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2?arch=i686" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2?arch=i686" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2?arch=i686" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "python3-unbound-0:1.7.3-12.el8_2.s390x", "product": { "name": "python3-unbound-0:1.7.3-12.el8_2.s390x", "product_id": "python3-unbound-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-devel-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-devel-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-devel-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-devel@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-libs-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-libs-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-libs-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-debugsource-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-debugsource-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debugsource@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product_id": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-unbound-debuginfo@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-debuginfo@1.7.3-12.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "product": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "product_id": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound-libs-debuginfo@1.7.3-12.el8_2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "unbound-0:1.7.3-12.el8_2.src", "product": { "name": "unbound-0:1.7.3-12.el8_2.src", "product_id": "unbound-0:1.7.3-12.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/unbound@1.7.3-12.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "python3-unbound-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "python3-unbound-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x" }, "product_reference": "python3-unbound-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "python3-unbound-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-12.el8_2.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src" }, "product_reference": "unbound-0:1.7.3-12.el8_2.src", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686" }, "product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debuginfo-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686" }, "product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-debugsource-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-devel-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686" }, "product_reference": "unbound-devel-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-devel-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-devel-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-devel-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-devel-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-libs-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686" }, "product_reference": "unbound-libs-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-libs-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-libs-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-libs-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.2)", "product_id": "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" }, "product_reference": "unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64", "relates_to_product_reference": "AppStream-8.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-25032", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954772" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in regional_alloc function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker and can be big enough. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in the regional allocator via regional_alloc", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the buffer overflow can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25032" }, { "category": "external", "summary": "RHBZ#1954772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954772" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25032", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25032" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25032", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25032" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in the regional allocator via regional_alloc" }, { "cve": "CVE-2019-25034", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954778" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in the sldns_str2wire_dname_buf_origin function may lead to a buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the buffer overflow can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25034" }, { "category": "external", "summary": "RHBZ#1954778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954778" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25034", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25034" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25034", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25034" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in sldns_str2wire_dname_buf_origin can lead to an out-of-bounds write" }, { "cve": "CVE-2019-25035", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954780" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An out-of-bounds write in the sldns_bget_token_par function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: out-of-bounds write in sldns_bget_token_par", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the out-of-bounds write can happen in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25035" }, { "category": "external", "summary": "RHBZ#1954780", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954780" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25035", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25035" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25035", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25035" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: out-of-bounds write in sldns_bget_token_par" }, { "cve": "CVE-2019-25036", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954782" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the synth_cname function can be triggered by sending invalid packets to the server. If asserts are disabled during compilation, this issue might lead to an out-of-bounds write in dname_pkt_copy function. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure and denial of service in synth_cname", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue could not be triggered by running unbound regularly, but only by injecting the packet directly to the vulnerable function through fuzzing. For this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25036" }, { "category": "external", "summary": "RHBZ#1954782", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954782" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25036", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25036" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25036", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25036" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure and denial of service in synth_cname" }, { "cve": "CVE-2019-25037", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954794" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the dname_pkt_copy function can be triggered by sending invalid packets to the server. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet", "title": "Vulnerability summary" }, { "category": "other", "text": "Upstream has disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25037" }, { "category": "external", "summary": "RHBZ#1954794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954794" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25037", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25037" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25037", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25037" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure and denial of service in dname_pkt_copy via an invalid packet" }, { "cve": "CVE-2019-25038", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954796" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in dnsc_load_local_data function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the integer overflow can lead to a buffer overflow in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25038" }, { "category": "external", "summary": "RHBZ#1954796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954796" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25038", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25038" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25038", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25038" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in a size calculation in dnscrypt/dnscrypt.c" }, { "cve": "CVE-2019-25039", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954797" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An integer overflow in ub_packed_rrset_key function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: integer overflow in a size calculation in respip/respip.c", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the integer overflow can lead to a buffer overflow in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25039" }, { "category": "external", "summary": "RHBZ#1954797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954797" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25039", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25039" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25039", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25039" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: integer overflow in a size calculation in respip/respip.c" }, { "cve": "CVE-2019-25040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954799" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An infinite loop in dname_pkt_copy function could be triggered by a remote attacker. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: infinite loop via a compressed name in dname_pkt_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "There is no available reproducer or proof of concept for this issue, nor it was ever proven the infinite loop can be triggered in practice. Indeed in the original report this issue was considered one that might not be triggered and for this reason its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25040" }, { "category": "external", "summary": "RHBZ#1954799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954799" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25040", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25040" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: infinite loop via a compressed name in dname_pkt_copy" }, { "cve": "CVE-2019-25041", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954801" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. A reachable assertion in the dname_pkt_copy function can be triggered through compressed names. The highest threat from this vulnerability is to service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: assertion failure via a compressed name in dname_pkt_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "According to the original report there are checks happening before the affected function that make this not exploitable. For these reasons its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25041" }, { "category": "external", "summary": "RHBZ#1954801", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954801" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25041", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25041" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25041", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25041" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: assertion failure via a compressed name in dname_pkt_copy" }, { "cve": "CVE-2019-25042", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-04-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1954804" } ], "notes": [ { "category": "description", "text": "A flaw was found in unbound. An out-of-bounds write in the rdata_copy function may be abused by a remote attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: out-of-bounds write via a compressed name in rdata_copy", "title": "Vulnerability summary" }, { "category": "other", "text": "According to the original report there are checks happening before the affected function that make this not exploitable. For these reasons its Impact is Moderate. Upstream has also disputed this CVE.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25042" }, { "category": "external", "summary": "RHBZ#1954804", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954804" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25042", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25042" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25042", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25042" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "unbound: out-of-bounds write via a compressed name in rdata_copy" }, { "acknowledgments": [ { "names": [ "Mason Loring Bliss" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-28935", "cwe": { "id": "CWE-59", "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)" }, "discovery_date": "2020-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1878761" } ], "notes": [ { "category": "description", "text": "A symbolic link traversal vulnerability was found in unbound in the way it writes its PID file while starting up. This flaw allows a local attacker with access to the unbound user to set up a link to another file, owned by root, and make unbound overwrite it during its next restart, destroying the original content. The highest threat from this vulnerability is integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "unbound: symbolic link traversal when writing PID file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-28935" }, { "category": "external", "summary": "RHBZ#1878761", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878761" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-28935", "url": "https://www.cve.org/CVERecord?id=CVE-2020-28935" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28935", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28935" } ], "release_date": "2020-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2022-02-22T15:16:51+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2022:0632" }, { "category": "workaround", "details": "If SELinux is enabled in Enforcing mode (the default value in Red Hat Enterprise Linux 8), this kind of attack is prevented as unbound would be blocked from accessing the symbolic link file.", "product_ids": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:python3-unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.src", "AppStream-8.2.0.Z.EUS:unbound-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debuginfo-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-debugsource-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-devel-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-0:1.7.3-12.el8_2.x86_64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.aarch64", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.i686", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.ppc64le", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.s390x", "AppStream-8.2.0.Z.EUS:unbound-libs-debuginfo-0:1.7.3-12.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "unbound: symbolic link traversal when writing PID file" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.