Bug 13948

Summary: [CVE 21] thrift 0.10.0 CVEs found
Product: [ROSA-based products] ROSA Fresh Reporter: Yury <y.tumanov>
Component: System (kernel, glibc, systemd, bash, PAM...)Assignee: ROSA Linux Bugs <bugs>
Status: RESOLVED DUPLICATE QA Contact: ROSA Linux Bugs <bugs>
Severity: critical    
Priority: Highest CC: a.proklov, e.kosachev, s.matveev, v.potapov, y.tumanov
Version: AllFlags: y.tumanov: secteam_verified?
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2018-11798, CVE-2019-11938, CVE-2019-11939, CVE-2019-3552, CVE-2019-3553, CVE-2019-3558, CVE-2019-3559, CVE-2019-3564, CVE-2019-3565, CVE-2020-13949, CVE-2021-24028,
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Yury 2023-10-18 20:31:37 MSK 
Please patch CVEs for package thrift version 0.10.0
  
INFO (CVEs are): thrift 0.10.0
 cves found
CVE-2018-11798
Desc: The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path.
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-11798
Severity: MEDIUM
CVE-2019-11938
Desc: Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-11938
Severity: HIGH
CVE-2019-11939
Desc: Golang Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.03.16.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-11939
Severity: HIGH
CVE-2019-3552
Desc: C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3552
Severity: HIGH
CVE-2019-3553
Desc: C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3553
Severity: HIGH
CVE-2019-3558
Desc: Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3558
Severity: HIGH
CVE-2019-3559
Desc: Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.02.18.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3559
Severity: HIGH
CVE-2019-3564
Desc: Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.03.04.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3564
Severity: HIGH
CVE-2019-3565
Desc: Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. As a result, malicious clients could send short messages which would take a long time for the server to parse, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.05.06.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3565
Severity: HIGH
CVE-2020-13949
Desc: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service.
Link: https://nvd.nist.gov/vuln/detail/CVE-2020-13949
Severity: HIGH
CVE-2021-24028
Desc: An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-24028
Severity: CRITICAL
Comment 1 Aleksandr Proklov 2023-10-25 09:33:16 MSK 
Я уже писал про этот thrift дубликат чтоли?
Comment 2 Yury 2023-10-27 20:51:57 MSK 

*** This bug has been marked as a duplicate of bug 13816 ***