{ "threat_severity" : "Moderate", "public_date" : "2020-12-09T00:00:00Z", "bugzilla" : { "description" : "python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow", "id" : "1926226", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1926226" }, "cvss3" : { "cvss3_base_score" : "8.2", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.", "A buffer-overflow flaw was found in the python-cryptography package. In certain sequences of ``update()`` calls when symmetrically encrypting very large payloads (>2GB) could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw. Source: pyca/cryptography project" ], "statement" : "Triggering this flaw on in versions of python-cryptography as shipped with Red Hat Enterprise Linux 8 BaseOS, Appstream, as well as Red Hat Software Collections, can result in denial of service due to memory consumption or MemoryError exception.\nIn Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-cryptography package.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2021-05-18T00:00:00Z", "advisory" : "RHSA-2021:1608", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "python-cryptography-0:3.2.1-4.el8" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-babel-0:2.7.0-12.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-0:3.8.11-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-cryptography-0:2.8-5.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-jinja2-0:2.10.3-6.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-lxml-0:4.4.1-7.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-pip-0:19.3.1-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-urllib3-0:1.25.7-7.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-babel-0:2.7.0-12.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-0:3.8.11-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-cryptography-0:2.8-5.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-jinja2-0:2.10.3-6.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-lxml-0:4.4.1-7.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-pip-0:19.3.1-2.el7" }, { "product_name" : "Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS", "release_date" : "2021-08-24T00:00:00Z", "advisory" : "RHSA-2021:3254", "cpe" : "cpe:/a:redhat:rhel_software_collections:3::el7", "package" : "rh-python38-python-urllib3-0:1.25.7-7.el7" }, { "product_name" : "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date" : "2021-06-03T00:00:00Z", "advisory" : "RHSA-2021:2239", "cpe" : "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package" : "redhat-virtualization-host-0:4.4.6-20210527.3.el8_4" } ], "package_state" : [ { "product_name" : "CloudForms Management Engine 5", "fix_state" : "Not affected", "package_name" : "python-cryptography", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5" }, { "product_name" : "Red Hat Ansible Automation Platform 1.2", "fix_state" : "Will not fix", "package_name" : "cryptography", "cpe" : "cpe:/a:redhat:ansible_automation_platform" }, { "product_name" : "Red Hat Ansible Automation Platform 1.2", "fix_state" : "Will not fix", "package_name" : "python-cryptography", "cpe" : "cpe:/a:redhat:ansible_automation_platform" }, { "product_name" : "Red Hat Ansible Engine 2", "fix_state" : "Out of support scope", "package_name" : "python-cryptography", "cpe" : "cpe:/a:redhat:ansible_engine:2" }, { "product_name" : "Red Hat Ansible Tower 3", "fix_state" : "Will not fix", "package_name" : "cryptography", "cpe" : "cpe:/a:redhat:ansible_tower:3" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "python-cryptography", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "python38:3.8/python-cryptography", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "python39:3.9/python-cryptography", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "python-cryptography", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat OpenStack Platform 13 (Queens)", "fix_state" : "Will not fix", "package_name" : "python-cryptography", "cpe" : "cpe:/a:redhat:openstack:13" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Affected", "package_name" : "quay/quay-rhel8", "cpe" : "cpe:/a:redhat:quay:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-36242\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-36242\nhttps://cryptography.io/en/latest/changelog.html#v3-3-2" ], "name" : "CVE-2020-36242", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }