916512 – (CVE-2023-20897, CVE-2023-20898, CVE-2023-34049) <app-admin/salt-3005.4: multiple vulnerabilities

Bug 916512 (CVE-2023-20897, CVE-2023-20898, CVE-2023-34049) - <app-admin/salt-3005.4: multiple vulnerabilities

Summary: <app-admin/salt-3005.4: multiple vulnerabilities

Status:	IN_PROGRESS

Alias:	CVE-2023-20897, CVE-2023-20898, CVE-2023-34049

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B2 [glsa?]
Keywords:

Depends on:	921974
Blocks:
	Show dependency tree

Reported:	2023-10-29 23:42 UTC by John Helmert III
Modified:	2024-04-05 12:17 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2023-10-29 23:42:03 UTC

From https://groups.google.com/g/salt-announce/c/rxYIzQ6jnQs/m/i_UvF76kAAAJ:

CVE-2023-20897:

- **Impact**: After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.

CVE-2023-20898:

- **Impact:** Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.

Fixes in 3005.2, 3006.2.

From: https://groups.google.com/g/salt-announce/c/BgrqzYaTAoM/m/cN0JEg1mAwAJ:

CVE-2023-34049:

Impact: If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script with the privileges of the user running Salt-SSH.

Fix in 3005.4, 3006.4. Please bump.

Comment 1 John Helmert III archtester

2024-02-17 21:22:44 UTC

Please cleanup