exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2021-20291

Status Candidate

Overview

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

Related Files

Red Hat Security Advisory 2022-7955-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7955-01 - The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20291, CVE-2021-33198
SHA-256 | 4e0707644ecf9e9421cd830bd73cba92844a7435320b5b6a805437f694882ab1
Red Hat Security Advisory 2022-8008-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-8008-01 - The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Issues addressed include denial of service and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-20291, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2022-27191, CVE-2022-2989, CVE-2022-2990
SHA-256 | f27bc3e529f8aa8ebd57f3027862054868818878916e80cbd4d078f8cadc588f
Red Hat Security Advisory 2022-7954-01
Posted Nov 16, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-7954-01 - The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2020-28851, CVE-2020-28852, CVE-2021-20199, CVE-2021-20291, CVE-2021-33197, CVE-2021-34558, CVE-2021-4024, CVE-2022-27191
SHA-256 | a8180c3a1689b71a9ce4a9b23b35c42e5c48899cbe6d18ebd18e254562e3d69c
Red Hat Security Advisory 2021-4154-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4154-03 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20291, CVE-2021-3602
SHA-256 | ab8fbead7b6dbcc1dcd05b778178c796c53d317e9279b9060b9cac21a1e40016
Red Hat Security Advisory 2021-2438-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114, CVE-2020-15136, CVE-2020-26160, CVE-2020-26541, CVE-2020-28469, CVE-2020-28500, CVE-2020-28852, CVE-2020-7774, CVE-2021-20206, CVE-2021-20271, CVE-2021-20291, CVE-2021-21419, CVE-2021-21623, CVE-2021-21639, CVE-2021-21640, CVE-2021-21648, CVE-2021-22133, CVE-2021-23337, CVE-2021-23362, CVE-2021-23368, CVE-2021-23382, CVE-2021-25735
SHA-256 | 44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6d
Red Hat Security Advisory 2021-1150-01
Posted Apr 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1150-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-20291
SHA-256 | cb0b05054e01dacfc97259c7111ab5d6358375e32e414ffad4b6c7394ff1feef
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close