{ "threat_severity" : "Low", "public_date" : "2021-06-04T00:00:00Z", "bugzilla" : { "description" : "httpd: Single zero byte stack overflow in mod_auth_digest", "id" : "1966724", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1966724" }, "cvss3" : { "cvss3_base_score" : "7.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "status" : "verified" }, "cwe" : "CWE-119", "details" : [ "Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow", "A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability." ], "statement" : "This is a one byte overflow and as per upstream it should be non-exploitable in most condtions.", "acknowledgement" : "Red Hat would like to thank Antonio Morales (GHSL) and the Apache project for reporting this issue.", "affected_release" : [ { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-apr-0:1.6.3-107.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-apr-util-0:1.6.1-84.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-curl-0:7.78.0-2.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-httpd-0:2.4.37-78.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-mod_http2-0:1.15.7-21.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-mod_md-1:2.0.8-40.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-mod_security-0:2.9.2-67.GA.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-nghttp2-0:1.39.2-39.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-openssl-1:1.1.1g-8.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-openssl-chil-0:1.0.0-7.el8jbcs" }, { "product_name" : "JBoss Core Services for RHEL 8", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el8", "package" : "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.el8jbcs" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-apr-0:1.6.3-107.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-apr-util-0:1.6.1-84.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-curl-0:7.78.0-2.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-httpd-0:2.4.37-78.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_cluster-native-0:1.3.16-9.Final_redhat_2.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_http2-0:1.15.7-21.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_jk-0:1.2.48-20.redhat_1.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_md-1:2.0.8-40.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_security-0:2.9.2-67.GA.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-nghttp2-0:1.39.2-39.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-openssl-1:1.1.1g-8.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-openssl-chil-0:1.0.0-7.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4614", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-openssl-pkcs11-0:0.4.10-22.jbcs.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2022-05-10T00:00:00Z", "advisory" : "RHSA-2022:1915", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "httpd:2.4-8060020220321163517.d63f516d" }, { "product_name" : "Text-Only JBCS", "release_date" : "2021-11-10T00:00:00Z", "advisory" : "RHSA-2021:4613", "cpe" : "cpe:/a:redhat:jboss_core_services:1", "package" : "httpd" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "httpd", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "httpd", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "httpd", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Out of support scope", "package_name" : "httpd22", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Enterprise Web Server 2", "fix_state" : "Out of support scope", "package_name" : "httpd22", "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:2" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Fix deferred", "package_name" : "httpd24-httpd", "cpe" : "cpe:/a:redhat:rhel_software_collections:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-35452\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-35452\nhttps://httpd.apache.org/security/vulnerabilities_24.html" ], "name" : "CVE-2020-35452", "mitigation" : { "value" : "Only configurations which use mod_auth_digest are affected by this flaw. Also as per upstream this flaw is not exploitable in most conditions, so there should really be no impact of this flaw.", "lang" : "en:us" }, "csaw" : false }