Bug 1215334 (CVE-2023-4785) - VUL-0: CVE-2023-4785: grpc: Denial of services due to lack of error handling
Summary: VUL-0: CVE-2023-4785: grpc: Denial of services due to lack of error handling
Status: IN_PROGRESS
Alias: CVE-2023-4785
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium
Severity: Major
Target Milestone: ---
Assignee: John Paul Adrian Glaubitz
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/378184/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-4785:7.5:(AV:N...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-09-14 09:09 UTC by Cathy Hu
Modified: 2024-03-14 14:56 UTC
CC List: 7 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
kvanderveer: needinfo? (meissner)
Description Cathy Hu 2023-09-14 09:09:59 UTC
CVE-2023-4785

Lack of error handling in the TCP server in Google's gRPC starting version 1.23
on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial
of service by initiating a significant number of connections with the server.
Note that gRPC C++, Python, and Ruby are affected, but gRPC Java and Go are NOT
affected.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4785
https://www.cve.org/CVERecord?id=CVE-2023-4785
https://github.com/grpc/grpc/pull/33656
https://github.com/grpc/grpc/pull/33667
https://github.com/grpc/grpc/pull/33669
https://github.com/grpc/grpc/pull/33670
https://github.com/grpc/grpc/pull/33672
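The description above only states the class of defect (an accept loop in a POSIX TCP server that does not handle accept() failures, so a connection flood takes the listener down); the bug does not reproduce gRPC's code or the exact change in the linked pull requests. The following is an added example, not gRPC's code and not derived from those PRs, of how a defender-side accept loop distinguishes transient errors, file-descriptor exhaustion and fatal errors so that a flood degrades service instead of stopping it. The verdict names, the `classify_accept_error`/`next_backoff_ms`/`serve` functions and the backoff limits are assumptions of this example.

```c
/* Added example, not gRPC's code: a POSIX accept() loop whose error
 * handling keeps the listener alive through a connection flood.
 * All function names, verdicts and backoff limits are constructed here. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

typedef enum {
    ACCEPT_RETRY,   /* transient: call accept() again right away */
    ACCEPT_BACKOFF, /* resources exhausted or nothing pending: wait, keep listener */
    ACCEPT_FATAL    /* listener itself is unusable: stop serving */
} accept_verdict;

/* Classify the errno left by a failed accept(). Treating every failure as
 * fatal (or ignoring them and spinning) is the kind of missing handling that
 * lets a flood of connections turn into a denial of service. */
accept_verdict classify_accept_error(int err) {
    switch (err) {
    case EINTR:        /* signal interrupted the call */
    case ECONNABORTED: /* peer dropped before accept completed */
#ifdef EPROTO
    case EPROTO:
#endif
        return ACCEPT_RETRY;
    case EAGAIN:       /* non-blocking listener, no connection ready */
#if EWOULDBLOCK != EAGAIN
    case EWOULDBLOCK:
#endif
    case EMFILE:       /* per-process fd limit reached */
    case ENFILE:       /* system-wide fd limit reached */
    case ENOBUFS:
    case ENOMEM:
        return ACCEPT_BACKOFF;
    default:           /* EBADF, EINVAL, ENOTSOCK, ... */
        return ACCEPT_FATAL;
    }
}

/* Exponential backoff capped at one second; resets after a successful accept. */
unsigned next_backoff_ms(unsigned current_ms) {
    unsigned next = current_ms * 2;
    return next > 1000 ? 1000 : next;
}

/* Accept loop. handler() takes ownership of each accepted fd. Returns the
 * errno that made the listener unusable; never returns on a healthy listener. */
int serve(int listen_fd, void (*handler)(int)) {
    unsigned backoff_ms = 10;
    for (;;) {
        int fd = accept(listen_fd, NULL, NULL);
        if (fd >= 0) {
            backoff_ms = 10;
            handler(fd);
            continue;
        }
        int err = errno;
        switch (classify_accept_error(err)) {
        case ACCEPT_RETRY:
            break;
        case ACCEPT_BACKOFF: {
            /* Under fd exhaustion, sleeping gives in-flight connections time
             * to close and frees descriptors; the listener is kept open. */
            struct timespec ts = { backoff_ms / 1000, (backoff_ms % 1000) * 1000000L };
            nanosleep(&ts, NULL);
            backoff_ms = next_backoff_ms(backoff_ms);
            break;
        }
        case ACCEPT_FATAL:
            return err;
        }
    }
}

/* Demo handler: answer and release the descriptor immediately. */
static void greet_and_close(int fd) {
    const char msg[] = "hello\n";
    (void)write(fd, msg, sizeof msg - 1);
    close(fd);
}

int main(void) {
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    struct sockaddr_in addr = { 0 };
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = 0; /* ephemeral port, printed below */
    if (lfd < 0 || bind(lfd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(lfd, 128) < 0) {
        perror("listen");
        return 1;
    }
    socklen_t len = sizeof addr;
    getsockname(lfd, (struct sockaddr *)&addr, &len);
    printf("listening on 127.0.0.1:%u\n", ntohs(addr.sin_port));
    int err = serve(lfd, greet_and_close);
    fprintf(stderr, "listener failed: %s\n", strerror(err));
    return 1;
}
```

The essential decision is in `classify_accept_error`: EMFILE/ENFILE are recoverable once existing connections close, so the correct response is to wait and keep the listening socket, while a bad descriptor genuinely ends service. When the listener is non-blocking and driven by poll/epoll, the BACKOFF branch would return to the event loop rather than sleep.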
Comment 1 Cathy Hu 2023-09-14 09:10:27 UTC
Affected:
- SUSE:SLE-15-SP1:Update/grpc  1.25.0
- SUSE:SLE-15-SP2:Update/grpc  1.25.0

Not affected:
- openSUSE:Factory/grpc        1.58.0
Comment 2 John Paul Adrian Glaubitz 2023-09-14 09:43:29 UTC
I just had a quick look and the patch for the 1.53.x branch does not apply against version 1.25.0, so we will have to backport the fix ourselves.
Comment 3 Robert Schweikert 2023-09-14 11:34:46 UTC
Are there API/ABI incompatibilities in 1.53? If not we should probably consider a version bump.
Comment 4 John Paul Adrian Glaubitz 2023-09-14 11:38:18 UTC
(In reply to Robert Schweikert from comment #3)
> Are there API/ABI incompatibilities in 1.53? If not we should probably
> consider a version bump.

I will have to verify that. A version update to >=1.56 has been requested in PED-5014 anyway. However, the update would require the updates of multiple dependencies as well as submissions of new packages.
Comment 12 OBSbugzilla Bot 2024-02-09 14:05:08 UTC
This is an autogenerated message for OBS integration:
This bug (1215334) was mentioned in
https://build.opensuse.org/request/show/1145435 Factory / python-grpcio
Comment 14 Maintenance Automation 2024-02-21 12:30:24 UTC
SUSE-SU-2024:0573-1: An update that solves five vulnerabilities, contains one feature and has three security fixes can now be installed.

Category: security (moderate)
Bug References: 1133277, 1182659, 1203378, 1208794, 1212180, 1212182, 1214148, 1215334
CVE References: CVE-2023-32731, CVE-2023-32732, CVE-2023-33953, CVE-2023-44487, CVE-2023-4785
Jira References: PED-5014
Sources used:
openSUSE Leap 15.4 (src): python-abseil-1.4.0-150400.9.3.1, re2-20240201-150400.9.3.1, grpc-1.60.0-150400.8.3.2, protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1, python-grpcio-1.60.0-150400.9.3.2, opencensus-proto-0.3.0+git.20200721-150400.9.3.1
openSUSE Leap Micro 5.3 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
openSUSE Leap Micro 5.4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
openSUSE Leap 15.5 (src): python-abseil-1.4.0-150400.9.3.1, re2-20240201-150400.9.3.1, grpc-1.60.0-150400.8.3.2, protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1, python-grpcio-1.60.0-150400.9.3.2, opencensus-proto-0.3.0+git.20200721-150400.9.3.1
SUSE Linux Enterprise High Performance Computing 15 SP4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Server 15 SP4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Manager Server 4.3 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Desktop 15 SP4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Manager Retail Branch Server 4.3 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Manager Proxy 4.3 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise High Performance Computing 15 SP5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Server 15 SP5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Desktop 15 SP5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Micro 5.3 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Micro 5.4 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Micro 5.5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
Basesystem Module 15-SP5 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
Development Tools Module 15-SP5 (src): protobuf-25.1-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Package Hub 15 15-SP5 (src): protobuf-25.1-150400.9.3.1
Public Cloud Module 15-SP4 (src): grpc-1.60.0-150400.8.3.2, protobuf-25.1-150400.9.3.1
Public Cloud Module 15-SP5 (src): re2-20240201-150400.9.3.1, grpc-1.60.0-150400.8.3.2, protobuf-25.1-150400.9.3.1
Python 3 Module 15-SP5 (src): python-abseil-1.4.0-150400.9.3.1, python-grpcio-1.60.0-150400.9.3.2, protobuf-25.1-150400.9.3.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): protobuf-25.1-150400.9.3.1, grpc-1.60.0-150400.8.3.2, re2-20240201-150400.9.3.1, abseil-cpp-20230802.1-150400.10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP5 (src): abseil-cpp-20230802.1-150400.10.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Karen Van der Veer 2024-03-14 14:56:13 UTC
Waiting for guidance from Marcus.