Bug 1182382 - (CVE-2021-25315) VUL-0: CVE-2021-25315: salt: salt-api unauthenticated remote code exec
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Target Milestone: ---
Assigned To: Security Team bot
Depends on:
Blocks:
Reported: 2021-02-17 16:53 UTC by Marcus Meissner
Modified: 2021-07-11 17:43 UTC (History)


Attachments
patch_for_salt_3002.2 (2.27 KB, patch)
2021-02-18 11:42 UTC, Pablo Suárez Hernández
Comment 1 Marcus Meissner 2021-02-17 16:54:20 UTC
I have assigned CVE-2021-25315 to this issue.
Comment 4 Julio González Gil 2021-02-17 17:39:11 UTC
And can pau.garcia@suse.com be added to CC? He's SUSE Manager PO and will need to prepare release notes for SUSE Manager 4.2 about this.
Comment 5 Marcus Meissner 2021-02-18 05:36:14 UTC
To what products was this shipped already?

on second read just tumbleweed and sp3 beta?

added pau
Comment 6 Jochen Breuer 2021-02-18 08:45:29 UTC
(In reply to Marcus Meissner from comment #5)
> To what products was this shipped already?
> 
> on second read just tumbleweed and sp3 beta?

Correct!

> added pau
Comment 7 Pablo Suárez Hernández 2021-02-18 09:13:35 UTC
(In reply to Marcus Meissner from comment #5)
> To what products was this shipped already?
> 
> on second read just tumbleweed and sp3 beta?

That's correct.

I think Julio mentioned SUSE Manager 4.2 here because it's currently in alpha2, but in preparation for the public beta, which is based on SLE15SP3.

Hth!
Comment 8 Julio González Gil 2021-02-18 09:22:18 UTC
Yes, exactly.

- openSUSE Tumbleweed
- SLE15SP3 current milestone and next milestone (public Beta). And as a result, SUSE Manager 4.2 Alpha2, and Beta1, which is being prepared but not public.
Comment 9 Pablo Suárez Hernández 2021-02-18 11:42:00 UTC
Created attachment 846239 [details]
patch_for_salt_3002.2

This is the patch for fixing this CVE issue in Salt 3002.2
Comment 15 Salvatore Bonaccorso 2021-03-12 21:22:25 UTC
Has this issue been reported upstream?
Comment 16 Victor Zhestkov 2021-03-13 13:54:38 UTC
Hi. Upstream was not affected by this issue.
The issue was caused by overlapping of upstream patch and one of our patches.
Comment 17 Salvatore Bonaccorso 2021-03-13 14:06:08 UTC
Thanks for the clarification!
Comment 18 Marcus Meissner 2021-03-13 16:19:42 UTC
Sorry for the confusion.

Is now fixed in Tumbleweed and SLES 15 SP3 recent beta.
Comment 19 Swamp Workflow Management 2021-03-19 20:31:10 UTC
SUSE-SU-2021:0913-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2021-03-19 20:34:20 UTC
SUSE-SU-2021:14679-1: An update that solves 11 vulnerabilities and has 7 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2021-03-19 20:37:33 UTC
SUSE-SU-2021:0914-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Tools 15-BETA (src):    salt-3002.2-8.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2021-03-19 21:13:00 UTC
SUSE-SU-2021:14678-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2021-06-21 22:38:57 UTC
SUSE-SU-2021:2104-1: An update that solves two vulnerabilities, contains three features and has 8 fixes is now available.

Category: security (critical)
Bug References: 1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    salt-3002.2-8.41.8.1
SUSE Linux Enterprise Server 15-LTSS (src):    salt-3002.2-8.41.8.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    salt-3002.2-8.41.8.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    salt-3002.2-8.41.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2021-06-21 22:41:41 UTC
SUSE-SU-2021:2111-1: An update that solves two vulnerabilities, contains three features and has 12 fixes is now available.

Category: security (moderate)
Bug References: 1171257,1173557,1176293,1179831,1180583,1180584,1180585,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2021-06-21 22:44:03 UTC
SUSE-SU-2021:2105-1: An update that solves 7 vulnerabilities, contains three features and has three fixes is now available.

Category: security (critical)
Bug References: 1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2018-15750,CVE-2018-15751,CVE-2020-11651,CVE-2020-11652,CVE-2020-25592,CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:
SUSE Manager Server 4.0 (src):    salt-3002.2-37.1
SUSE Manager Retail Branch Server 4.0 (src):    salt-3002.2-37.1
SUSE Manager Proxy 4.0 (src):    salt-3002.2-37.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    salt-3002.2-37.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    salt-3002.2-37.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    salt-3002.2-37.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    salt-3002.2-37.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    salt-3002.2-37.1
SUSE Enterprise Storage 6 (src):    salt-3002.2-37.1
SUSE CaaS Platform 4.0 (src):    salt-3002.2-37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2021-06-21 22:55:12 UTC
SUSE-SU-2021:14756-1: An update that solves two vulnerabilities, contains three features and has 12 fixes is now available.

Category: security (moderate)
Bug References: 1171257,1173557,1176293,1179831,1180583,1180584,1180585,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2021-06-21 23:02:14 UTC
SUSE-SU-2021:2106-1: An update that solves 7 vulnerabilities, contains three features and has three fixes is now available.

Category: security (critical)
Bug References: 1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2018-15750,CVE-2018-15751,CVE-2020-11651,CVE-2020-11652,CVE-2020-25592,CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:
SUSE MicroOS 5.0 (src):    python-distro-1.5.0-3.5.1, salt-3002.2-37.1
SUSE Linux Enterprise Module for Transactional Server 15-SP2 (src):    salt-3002.2-37.1
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src):    salt-3002.2-37.1
SUSE Linux Enterprise Module for Python2 15-SP3 (src):    python-distro-1.5.0-3.5.1
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-distro-1.5.0-3.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-distro-1.5.0-3.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-distro-1.5.0-3.5.1, salt-3002.2-37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2021-06-21 23:04:58 UTC
SUSE-SU-2021:14755-1: An update that solves two vulnerabilities, contains three features and has 12 fixes is now available.

Category: security (moderate)
Bug References: 1171257,1173557,1176293,1179831,1180583,1180584,1180585,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2021-06-23 16:27:10 UTC
openSUSE-SU-2021:0899-1: An update that solves 7 vulnerabilities, contains three features and has three fixes is now available.

Category: security (critical)
Bug References: 1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2018-15750,CVE-2018-15751,CVE-2020-11651,CVE-2020-11652,CVE-2020-25592,CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:
openSUSE Leap 15.2 (src):    salt-3002.2-lp152.3.36.1
Comment 33 Swamp Workflow Management 2021-07-11 17:43:25 UTC
openSUSE-SU-2021:2106-1: An update that solves 7 vulnerabilities, contains three features and has three fixes is now available.

Category: security (critical)
Bug References: 1171257,1176293,1179831,1181368,1182281,1182293,1182382,1185092,1185281,1186674
CVE References: CVE-2018-15750,CVE-2018-15751,CVE-2020-11651,CVE-2020-11652,CVE-2020-25592,CVE-2021-25315,CVE-2021-31607
JIRA References: ECO-3212,SLE-18028,SLE-18033
Sources used:
openSUSE Leap 15.3 (src):    python-distro-1.5.0-3.5.1