UBUNTU-CVE-2021-32785

Source
https://ubuntu.com/security/CVE-2021-32785
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-32785.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2021-32785
Related
Published
2021-07-22T22:15:00Z
Modified
2024-10-15T14:08:10Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache (OIDCCacheEncrypt off, OIDCSessionType server-cache, OIDCCacheType redis), mod_auth_openidc wrongly performed argument interpolation before passing Redis requests to hiredis, which would perform it again and lead to an uncontrolled format string bug. Initial assessment shows that this bug does not appear to allow gaining arbitrary code execution, but can reliably provoke a denial of service by repeatedly crashing the Apache workers. This bug has been corrected in version 2.4.9 by performing argument interpolation only once, using the hiredis API. As a workaround, this vulnerability can be mitigated by setting OIDCCacheEncrypt to on, as cache keys are cryptographically hashed before use when this option is enabled.

References

Affected packages

Ubuntu:Pro:16.04:LTS / libapache2-mod-auth-openidc

Package

Name
libapache2-mod-auth-openidc
Purl
pkg:deb/ubuntu/libapache2-mod-auth-openidc?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0-1
1.8.5-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / libapache2-mod-auth-openidc

Package

Name
libapache2-mod-auth-openidc
Purl
pkg:deb/ubuntu/libapache2-mod-auth-openidc?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.1.6-1
2.3.1-2
2.3.2-1
2.3.2-1build1
2.3.3-1build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / libapache2-mod-auth-openidc

Package

Name
libapache2-mod-auth-openidc
Purl
pkg:deb/ubuntu/libapache2-mod-auth-openidc?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.10.2-1
2.4.0.4-1
2.4.1-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / libapache2-mod-auth-openidc

Package

Name
libapache2-mod-auth-openidc
Purl
pkg:deb/ubuntu/libapache2-mod-auth-openidc?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.9-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.4.9-1",
            "binary_name": "libapache2-mod-auth-openidc"
        },
        {
            "binary_version": "2.4.9-1",
            "binary_name": "libapache2-mod-auth-openidc-dbgsym"
        }
    ]
}