Red Hat Security Advisory 2020-2684-01

Red Hat Security Advisory 2020-2684-01: Posted Jun 23, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-2684-01 - The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. Issues addressed include a man-in-the-middle vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-10749; SHA-256 | a92109f50f89545b072779787972376dbe35b566e2eddf162b10c65f75220dfb; Download | Favorite | View

Red Hat Security Advisory 2020-2684-01

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: containernetworking-plugins security update
Advisory ID:       RHSA-2020:2684-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:2684
Issue date:        2020-06-23
CVE Names:         CVE-2020-10749
====================================================================
1. Summary:

An update for containernetworking-plugins is now available for Red Hat
Enterprise Linux 7 Extras.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux 7 Extras - ppc64le, s390x, x86_64

3. Description:

The Container Network Interface (CNI) project consists of a specification
and libraries for writing plug-ins for configuring network interfaces in
Linux containers, along with a number of supported plug-ins. CNI concerns
itself only with network connectivity of containers and removing allocated
resources when the container is deleted.

Security Fix(es):

* containernetworking/plugins: IPv6 router advertisements allow for MitM
attacks on IPv4 clusters (CVE-2020-10749)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters

6. Package List:

Red Hat Enterprise Linux 7 Extras:

Source:
containernetworking-plugins-0.8.3-3.el7_8.src.rpm

ppc64le:
containernetworking-plugins-0.8.3-3.el7_8.ppc64le.rpm
containernetworking-plugins-debuginfo-0.8.3-3.el7_8.ppc64le.rpm

s390x:
containernetworking-plugins-0.8.3-3.el7_8.s390x.rpm
containernetworking-plugins-debuginfo-0.8.3-3.el7_8.s390x.rpm

x86_64:
containernetworking-plugins-0.8.3-3.el7_8.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.3-3.el7_8.x86_64.rpm

Red Hat Enterprise Linux 7 Extras:

Source:
containernetworking-plugins-0.8.3-3.el7_8.src.rpm

x86_64:
containernetworking-plugins-0.8.3-3.el7_8.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.3-3.el7_8.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXvIR7NzjgjWX9erEAQgITxAAqJBOpSRe6gtzTCQIr765GwWSlukHF037
lRkZoNfRFWIdPjFsds4P9NzaPvN0a1xT/jYFvKwUmMT4FHBu1p9Q4PqkSkYj/PND
1eS3XicKQ/ZfoKGD9znS3t4Jamx9cuDjKOXv0Ji86h0rlsypJdTM5YgsCCMqc//i
+nVmB7TDix6s2niF7LQFlvb+IMegfQLQlL60koBt4Th7JUa6e9Lyb8OZkJ9jW8Tc
8Hde89bNG3ogsHOX/GJwCyDWisP6G2c4c/qA930bOrK1pgHXRzbUpvBM+s10HUBH
7Z2imm1HWkHoQaZA4boabj17OUg5HPm15X+/RluxrMBeNxLWpVVbLLy+Csvjv2Oy
CmO0XN+0rgXw9ZYhs/8Pggqh2IChy59dNi8rkBkAo1Psjc1lFCTzdQv/fCqao8HM
FsczmTZpqgZH8hMiwi+zEJHa1iL+rIXl9N5Cj8zT+u1xvr0JjxzNXpUnaPuaygNR
7hLoSZB2xcThnhOSdsxEh0n28P+2l2GxmMI8Fp4IXBmBcDkC0PW2UU+wvIV5mBWw
Pj/GENWUhs4dT+CUPOZep9IdRHQ6HVquohvSf16rfUQ/F3pJ7UN6jbu1+EIPN33e
EBQmMmt+w7/bQDSDnUmwbW/r3NSDrnopEQPr/z8wU5EHn9MnB6e+v+NbMLlRwpwE
hq0I2UvgzOs=1g4M
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Red Hat Security Advisory 2020-2684-01

Red Hat Security Advisory 2020-2684-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2020-2684-01

Share This

Red Hat Security Advisory 2020-2684-01

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems