PT-2023-17690 · Salt+3 · Salt+3

Dwoz

·

Publicado

2023-09-05

·

Atualizado

2025-01-22

·

CVE-2023-20897

CVSS v3.1

5.3

Média

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions Salt masters versions prior to 3005.2 Salt masters versions prior to 3006.2
Description The issue concerns a denial-of-service (DOS) condition in minion return. When the request server receives several bad packets equal to the number of worker threads, the master becomes unresponsive to return requests until it is restarted.
Recommendations For versions prior to 3005.2, update to version 3005.2 or later. For versions prior to 3006.2, update to version 3006.2 or later.

Correção

DoS

Improper Resource Release

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-404

Identificadores relacionados

ALT-PU-2023-5558
ALT-PU-2023-5591
ALT-PU-2023-5717
ALT-PU-2023-5935
ALT-PU-2025-1673
CVE-2023-20897
GHSA-VPJG-WMF8-29H9
OPENSUSE-SU-2023_3862-1
OPENSUSE-SU-2023_3863-1
OPENSUSE-SU-2023_3885-1
OPENSUSE-SU-2024:13188-1
PYSEC-2023-166
SUSE-SU-2023:3862-1
SUSE-SU-2023:3863-1
SUSE-SU-2023:3864-1
SUSE-SU-2023:3865-1
SUSE-SU-2023:3866-1
SUSE-SU-2023:3876-1
SUSE-SU-2023:3877-1
SUSE-SU-2023:3884-1
SUSE-SU-2023:3885-1
SUSE-SU-2023_3862-1
SUSE-SU-2023_3863-1
SUSE-SU-2023_3864-1
SUSE-SU-2023_3865-1
SUSE-SU-2023_3866-1

Produtos afetados

Alt Linux
Red Os
Salt
Suse