Bug 1214796 (CVE-2023-20897) - VUL-0: CVE-2023-20897: salt: DOS in minion return
Summary: VUL-0: CVE-2023-20897: salt: DOS in minion return
Status: RESOLVED FIXED
Alias: CVE-2023-20897
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/376738/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-20897:5.3:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-08-30 16:03 UTC by Gabriele Sonnu
Modified: 2024-06-18 12:03 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Gabriele Sonnu 2023-08-30 16:03:36 UTC
CVE-2023-20897

Description: DOS in minion return.
Impact: After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.
Solution: Properly handle errors in decoded messages in request server.
How to Mitigate:
Upgrade Salt masters to 3005.2 or 3006.2
Alternatively, firewall port 4506 from access from untrusted sources and security scanning software.
Attribution: https://github.com/dwoz
Severity Rating: 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Comment 1 Gabriele Sonnu 2023-08-31 09:43:11 UTC
This only affects the Salt Master stack. We only maintain it for Salt 3006.0.

Tracking as affected: 

- SUSE:ALP:Source:Standard:1.0/salt
- SUSE:SLE-15-SP1:Update/salt
- SUSE:SLE-15-SP2:Update/salt
- SUSE:SLE-15-SP3:Update/salt
- SUSE:SLE-15-SP4:Update/salt
- SUSE:SLE-15-SP5:Update/salt
- SUSE:Debian-10:Update:Products:ManagerTools:Update/salt
- SUSE:RES-8:Update:Products:ManagerTools:Update/salt
- SUSE:Ubuntu-18.04:Update/salt
- SUSE:Ubuntu-20.04:Update:Products:ManagerTools:Update/salt
Comment 2 Gabriele Sonnu 2023-08-31 09:58:57 UTC
salt-master is not shipped in the last 4 codestreams listed in comment 1, so only this codestreams are affected:

- SUSE:ALP:Source:Standard:1.0/salt
- SUSE:SLE-15-SP1:Update/salt
- SUSE:SLE-15-SP2:Update/salt
- SUSE:SLE-15-SP3:Update/salt
- SUSE:SLE-15-SP4:Update/salt
- SUSE:SLE-15-SP5:Update/salt
Comment 7 Pablo Suárez Hernández 2023-09-20 15:17:43 UTC
This should be fixed now by:

SUSE:ALP:Source:Standard:1.0 - https://build.suse.de/request/show/307891
SUSE:SLE-15-SP1:Update/salt - https://build.suse.de/request/show/307877
SUSE:SLE-15-SP2:Update/salt - https://build.suse.de/request/show/307872
SUSE:SLE-15-SP3:Update/salt - https://build.suse.de/request/show/307875
SUSE:SLE-15-SP4:Update/salt - https://build.suse.de/request/show/307874
SUSE:SLE-15-SP5:Update/salt - https://build.suse.de/request/show/307876

I'm setting assignee back to Security Team. Thanks!
Comment 11 Maintenance Automation 2023-09-28 12:30:16 UTC
SUSE-SU-2023:3885-1: An update that solves six vulnerabilities, contains seven features and has 74 security fixes can now be installed.

Category: security (important)
Bug References: 1193948, 1193948, 1207330, 1207330, 1208692, 1208692, 1208692, 1210935, 1210935, 1211525, 1211525, 1211525, 1211874, 1211874, 1211884, 1211884, 1212246, 1212246, 1212730, 1212730, 1212814, 1212814, 1212827, 1212827, 1212856, 1212856, 1212856, 1212943, 1212943, 1212943, 1213009, 1213009, 1213077, 1213077, 1213288, 1213288, 1213441, 1213441, 1213445, 1213445, 1213445, 1213469, 1213469, 1213675, 1213675, 1213675, 1213716, 1213716, 1213880, 1213880, 1214002, 1214002, 1214121, 1214121, 1214124, 1214124, 1214187, 1214187, 1214266, 1214266, 1214280, 1214280, 1214796, 1214796, 1214797, 1214797, 1214889, 1214889, 1214982, 1214982, 1215352, 1215352, 1215362, 1215362, 1215413, 1215413, 1215497, 1215497, 1215756, 1215756
CVE References: CVE-2023-20897, CVE-2023-20897, CVE-2023-20898, CVE-2023-20898, CVE-2023-29409, CVE-2023-29409
Jira References: MSQA-699, MSQA-699, MSQA-699, SUMA-158, SUMA-158, SUMA-280, SUMA-280
Sources used:
openSUSE Leap 15.4 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2, release-notes-susemanager-4.3.8-150400.3.77.1
SUSE Manager Proxy 4.3 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2
SUSE Manager Retail Branch Server 4.3 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2
SUSE Manager Server 4.3 (src): release-notes-susemanager-4.3.8-150400.3.77.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Maintenance Automation 2023-09-28 12:30:16 UTC
SUSE-SU-2023:3885-1: An update that solves six vulnerabilities, contains seven features and has 74 security fixes can now be installed.

Category: security (important)
Bug References: 1193948, 1193948, 1207330, 1207330, 1208692, 1208692, 1208692, 1210935, 1210935, 1211525, 1211525, 1211525, 1211874, 1211874, 1211884, 1211884, 1212246, 1212246, 1212730, 1212730, 1212814, 1212814, 1212827, 1212827, 1212856, 1212856, 1212856, 1212943, 1212943, 1212943, 1213009, 1213009, 1213077, 1213077, 1213288, 1213288, 1213441, 1213441, 1213445, 1213445, 1213445, 1213469, 1213469, 1213675, 1213675, 1213675, 1213716, 1213716, 1213880, 1213880, 1214002, 1214002, 1214121, 1214121, 1214124, 1214124, 1214187, 1214187, 1214266, 1214266, 1214280, 1214280, 1214796, 1214796, 1214797, 1214797, 1214889, 1214889, 1214982, 1214982, 1215352, 1215352, 1215362, 1215362, 1215413, 1215413, 1215497, 1215497, 1215756, 1215756
CVE References: CVE-2023-20897, CVE-2023-20897, CVE-2023-20898, CVE-2023-20898, CVE-2023-29409, CVE-2023-29409
Jira References: MSQA-699, MSQA-699, MSQA-699, SUMA-158, SUMA-158, SUMA-280, SUMA-280
Sources used:
openSUSE Leap 15.4 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2, release-notes-susemanager-4.3.8-150400.3.77.1
SUSE Manager Proxy 4.3 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2
SUSE Manager Retail Branch Server 4.3 (src): release-notes-susemanager-proxy-4.3.8-150400.3.61.2
SUSE Manager Server 4.3 (src): release-notes-susemanager-4.3.8-150400.3.77.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Maintenance Automation 2023-09-28 12:30:21 UTC
SUSE-SU-2023:3884-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:
SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (src): venv-salt-minion-3006.0-1.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Maintenance Automation 2023-09-28 12:30:27 UTC
SUSE-SU-2023:3881-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Maintenance Automation 2023-09-28 12:30:38 UTC
SUSE-SU-202308:15234-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Maintenance Automation 2023-09-28 12:30:46 UTC
SUSE-SU-202309:15233-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Maintenance Automation 2023-09-28 12:30:52 UTC
SUSE-SU-2023:3877-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:
SUSE Manager Client Tools for SLE 15 (src): venv-salt-minion-3006.0-150000.3.42.1
SUSE Manager Client Tools for SLE Micro 5 (src): venv-salt-minion-3006.0-150000.3.42.1
SUSE Manager Proxy 4.3 Module 4.3 (src): venv-salt-minion-3006.0-150000.3.42.1
SUSE Manager Server 4.3 Module 4.3 (src): venv-salt-minion-3006.0-150000.3.42.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Maintenance Automation 2023-09-28 12:30:59 UTC
SUSE-SU-2023:3876-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:
SUSE Manager Client Tools for SLE 12 (src): venv-salt-minion-3006.0-3.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Maintenance Automation 2023-09-28 12:31:09 UTC
SUSE-SU-2023:3871-1: An update that solves two vulnerabilities, contains one feature and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Jira References: MSQA-699
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Maintenance Automation 2023-09-28 12:31:21 UTC
SUSE-SU-202309:15230-1: An update that solves three vulnerabilities, contains two features and has 11 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213691, 1213880, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898, CVE-2023-29409
Jira References: ECO-3319, MSQA-699
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Maintenance Automation 2023-09-28 12:31:33 UTC
SUSE-SU-2023:3866-1: An update that solves two vulnerabilities and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Sources used:
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): salt-3006.0-150100.107.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): salt-3006.0-150100.107.1
SUSE CaaS Platform 4.0 (src): salt-3006.0-150100.107.1
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): salt-3006.0-150100.107.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Maintenance Automation 2023-09-28 12:31:41 UTC
SUSE-SU-2023:3865-1: An update that solves two vulnerabilities and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): salt-3006.0-150200.108.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): salt-3006.0-150200.108.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): salt-3006.0-150200.108.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Maintenance Automation 2023-09-28 12:31:47 UTC
SUSE-SU-2023:3864-1: An update that solves two vulnerabilities and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Sources used:
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): salt-3006.0-150300.53.60.1
SUSE Manager Proxy 4.2 (src): salt-3006.0-150300.53.60.1
SUSE Manager Retail Branch Server 4.2 (src): salt-3006.0-150300.53.60.1
SUSE Manager Server 4.2 (src): salt-3006.0-150300.53.60.1
SUSE Enterprise Storage 7.1 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise Micro 5.1 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise Micro 5.2 (src): salt-3006.0-150300.53.60.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): salt-3006.0-150300.53.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Maintenance Automation 2023-09-28 12:31:54 UTC
SUSE-SU-2023:3863-1: An update that solves two vulnerabilities and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Sources used:
Transactional Server Module 15-SP4 (src): salt-3006.0-150400.8.44.1
openSUSE Leap 15.4 (src): salt-3006.0-150400.8.44.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): salt-3006.0-150400.8.44.1
SUSE Linux Enterprise Micro 5.3 (src): salt-3006.0-150400.8.44.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): salt-3006.0-150400.8.44.1
SUSE Linux Enterprise Micro 5.4 (src): salt-3006.0-150400.8.44.1
Basesystem Module 15-SP4 (src): salt-3006.0-150400.8.44.1
Server Applications Module 15-SP4 (src): salt-3006.0-150400.8.44.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Maintenance Automation 2023-09-28 12:32:01 UTC
SUSE-SU-2023:3862-1: An update that solves two vulnerabilities and has 10 security fixes can now be installed.

Category: security (moderate)
Bug References: 1193948, 1210994, 1212794, 1212844, 1212855, 1213257, 1213441, 1213630, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2023-20897, CVE-2023-20898
Sources used:
openSUSE Leap 15.5 (src): salt-3006.0-150500.4.19.1
Basesystem Module 15-SP5 (src): salt-3006.0-150500.4.19.1
Server Applications Module 15-SP5 (src): salt-3006.0-150500.4.19.1
Transactional Server Module 15-SP5 (src): salt-3006.0-150500.4.19.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Maintenance Automation 2023-11-09 08:30:28 UTC
SUSE-RU-2023:4408-1: An update that solves eight vulnerabilities, contains two features and has 48 fixes can now be installed.

Category: recommended (important)
Bug References: 1097531, 1182851, 1186738, 1190781, 1193357, 1193948, 1194632, 1195624, 1195895, 1196050, 1196432, 1197288, 1197417, 1197533, 1197637, 1198489, 1198556, 1198744, 1199149, 1199372, 1199562, 1200566, 1200596, 1201082, 1202165, 1202631, 1203685, 1203834, 1203886, 1204206, 1204939, 1205687, 1207071, 1208691, 1209233, 1210954, 1210994, 1211591, 1211612, 1211741, 1211754, 1212516, 1212517, 1212794, 1212844, 1212855, 1213257, 1213293, 1213441, 1213518, 1213630, 1213926, 1213960, 1214796, 1214797, 1215489
CVE References: CVE-2022-22934, CVE-2022-22935, CVE-2022-22936, CVE-2022-22941, CVE-2022-22967, CVE-2023-20897, CVE-2023-20898, CVE-2023-28370
Jira References: MSQA-706, PED-3139
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Carlos López 2024-04-19 08:51:39 UTC
Done, closing.