Vulnerability Name: CVE-2020-8927 (CCN-188304)

Assigned: 2020-08-27
Published: 2020-08-27
Updated: 2022-04-22
Summary: A buffer overflow exists in the Brotli library in versions prior to 1.0.8, where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash. The crash occurs when copying chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If updating is not possible, we recommend using the "streaming" API instead of the "one-shot" API and imposing chunk size limits.
CVSS v3 Severity: 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): Low
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): None
6.5 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
5.7 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity: 6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-120, CWE-130
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2020-8927

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:1578

Source: XF
Type: UNKNOWN
brotli-cve20208927-bo(188304)

Source: CCN
Type: Brotli GIT Repository
Brotli

Source: CONFIRM
Type: Release Notes, Third Party Advisory
https://github.com/google/brotli/releases/tag/v1.0.9

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20201201 [SECURITY] [DLA 2476-1] brotli security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-c76a35b209

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-d28042f559

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-e21bd401ad

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-bc9a739f0c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-22d278923a

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-5ecee47acb

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-9336b65f82

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-c663fbc46c

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2022-9e046f579a

Source: UBUNTU
Type: Third Party Advisory
USN-4568-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4801

Source: CCN
Type: IBM Security Bulletin 6493729 (Cloud Pak for Security)
Cloud Pak for Security is vulnerable to several CVEs

Source: CCN
Type: IBM Security Bulletin 6520474 (QRadar SIEM)
IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6538418 (Security Verify Access)
Multiple Security Vulnerabilities fixed in IBM Security Verify Access

Source: CCN
Type: IBM Security Bulletin 6614449 (Robotic Process Automation for Cloud Pak)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:google:brotli:*:*:*:*:*:*:*:* (Version < 1.0.8)

Configuration 2:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:fedoraproject:fedora:31:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Configuration 4:
  • cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Configuration 5:
  • cpe:/o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 6:
  • cpe:/a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:* (Version >= 16.0 and <= 16.11)
  • OR cpe:/a:microsoft:.net:*:*:*:*:*:*:*:* (Version >= 5.0 and <= 5.0.14)
  • OR cpe:/a:microsoft:.net_core:*:*:*:*:*:*:*:* (Version >= 3.1 and <= 3.1.22)
  • OR cpe:/a:microsoft:powershell:*:*:*:*:*:*:*:* (Version >= 7.2 and < 7.2.2)
  • OR cpe:/a:microsoft:powershell:*:*:*:*:*:*:*:* (Version >= 7.0 and < 7.0.9)
  • OR cpe:/a:microsoft:visual_studio_2022:17.1:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:powershell:*:*:*:*:*:*:*:* (Version >= 7.1 and < 7.1.6)
  • OR cpe:/a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:* (Version >= 17.0 and <= 17.0.7)

Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:google:brotli:1.0.8:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation_for_cloud_pak:21.0.2:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20208927 | V | CVE-2020-8927 | 2023-06-22
oval:org.opensuse.security:def:7579 | P | libbrotli-devel-1.0.7-3.3.1 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:3724 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP4) (Important) | 2022-07-05
oval:org.opensuse.security:def:3541 | P | krb5-appl-clients-1.0.3-1.2 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:2996 | P | libbrotli-devel-1.0.7-3.3.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94653 | P | liblcms2-2-2.12-150400.1.10 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:94626 | P | libbrotli-devel-1.0.7-3.3.1 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:102173 | P | Security update for SUSE Manager Client Tools (Moderate) | 2022-04-25
oval:com.redhat.rhsa:def:20220827 | P | RHSA-2022:0827: .NET Core 3.1 security and bugfix update (Important) | 2022-03-10
oval:com.redhat.rhsa:def:20220830 | P | RHSA-2022:0830: .NET 5.0 security and bugfix update (Important) | 2022-03-10
oval:org.opensuse.security:def:112045 | P | cargo-audit-advisory-db-20220105-1.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:64638 | P | Security update for postgresql10 (Important) | 2021-12-14
oval:org.opensuse.security:def:64639 | P | Security update for xorg-x11-server (Important) | 2021-12-14
oval:org.opensuse.security:def:111819 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93275 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:100025 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:101366 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:76412 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93991 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:823 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:99167 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:67344 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:73752 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:117546 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93432 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:100360 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:64630 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:94202 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:99438 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:73935 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:108032 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93588 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:100689 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:64813 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:5912 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:94413 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93114 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:99701 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:95460 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:76069 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:108839 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:93776 | P | (Moderate) | 2021-12-06
oval:org.opensuse.security:def:101554 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:67001 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:6255 | P | Security update for brotli (Moderate) | 2021-12-06
oval:org.opensuse.security:def:64746 | P | Security update for aspell (Important) | 2021-08-20
oval:org.opensuse.security:def:63123 | P | cloud-init-20.2-8.45.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63091 | P | java-1_8_0-ibm-1.8.0_sr6.25-3.50.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63095 | P | libncurses5-32bit-6.1-5.6.2 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:63098 | P | openldap2-2.4.46-9.51.1 on GA media (Moderate) | 2021-08-10
oval:org.opensuse.security:def:64502 | P | Security update for graphviz (Critical) | 2021-05-19
oval:com.redhat.rhsa:def:20211702 | P | RHSA-2021:1702: brotli security update (Moderate) | 2021-05-18
oval:org.opensuse.security:def:63301 | P | salt-api-3000-2.9 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:63594 | P | libstaroffice-0_0-0-0.0.6-5.17 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:64848 | P | Security update for libgcrypt (Moderate) | 2020-12-01
oval:org.opensuse.security:def:63797 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:75093 | P | Security update for brotli (Moderate) | 2020-12-01
oval:org.opensuse.security:def:64906 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:63944 | P | Security update for vim (Moderate) | 2020-12-01
oval:org.opensuse.security:def:65018 | P | Security update for graphviz (Low) | 2020-12-01
oval:org.opensuse.security:def:64173 | P | Security update for ucode-intel (Moderate) | 2020-12-01
oval:org.opensuse.security:def:74960 | P | Security update for python3 (Important) | 2020-12-01
oval:org.opensuse.security:def:110788 | P | Security update for brotli (Moderate) | 2020-09-29