Bugzilla – Bug 1206471
VUL-0: CVE-2022-23526: helm,helm3: Denial of service through schema file
Last modified: 2024-05-03 09:34:03 UTC
CVE-2022-23526 Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the _chartutil_ package that can cause a segmentation violation. The _chartutil_ package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The _chartutil_ package parses the schema file and loads it into structures Go can work with. Some schema files can cause array data structures to be created causing a memory violation. Applications that use the _chartutil_ package in the Helm SDK to parse a schema file can suffer a Denial of Service when that input causes a panic that cannot be recovered from. Helm is not a long running service so the panic will not affect future uses of the Helm client. This issue has been patched in 3.10.3. SDK users can validate schema files that are correctly formatted before passing them to the _chartutil_ functions.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23526
https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d
https://www.cve.org/CVERecord?id=CVE-2022-23526
https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33
Affected:
- SUSE:SLE-15-SP1:Update:Products:CASP40:Update/helm 2.16.12
- SUSE:SLE-15-SP1:Update:Products:CASP40:Update/helm3 3.3.3
- SUSE:SLE-15:Update/helm 3.9.4
- openSUSE:Backports:SLE-15-SP3/helm 3.5.2
- openSUSE:Backports:SLE-15-SP4/helm 3.8.0
Not Affected:
- openSUSE:Factory/helm 3.10.3
Fixing commit: https://github.com/helm/helm/commit/bafafa8bb1b571b61d7a9528da8d40c307dade3d
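As an added example of the mitigation the advisory suggests for SDK users (not code from the Helm project or from this bug), a Go guard that refuses a schema whose top-level JSON value is not an object and converts a panic inside the validator into an ordinary error, so a long-running process keeps serving. The validate callback is a hypothetical stand-in for the chartutil validation function, and the sample schema bytes are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// preflightSchema rejects a values.schema.json that is not a well-formed JSON
// object before it reaches the chartutil parser. (Constructed check, not Helm's code.)
func preflightSchema(raw []byte) (map[string]interface{}, error) {
	var top interface{}
	if err := json.Unmarshal(raw, &top); err != nil {
		return nil, fmt.Errorf("values.schema.json: invalid JSON: %w", err)
	}
	obj, ok := top.(map[string]interface{})
	if !ok {
		return nil, fmt.Errorf("values.schema.json: top level must be a JSON object, got %T", top)
	}
	return obj, nil
}

// validateSafely runs a chartutil-style validator and turns a panic into an
// error, so a long-running SDK user (unlike the short-lived helm CLI) is not
// taken down by a bad schema. validate stands in for chartutil (hypothetical).
func validateSafely(validate func() error) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("schema validation panicked: %v", r)
		}
	}()
	return validate()
}

// checkAndValidate: reject malformed schemas early, then run the validator under panic recovery.
func checkAndValidate(raw []byte, validate func(map[string]interface{}) error) error {
	schema, err := preflightSchema(raw)
	if err != nil {
		return err
	}
	return validateSafely(func() error { return validate(schema) })
}

func main() {
	// Constructed inputs: a well-formed schema, a top-level array, and a validator that panics.
	accept := func(map[string]interface{}) error { return nil }
	crash := func(map[string]interface{}) error { panic("simulated nil pointer dereference") }
	fmt.Println(checkAndValidate([]byte(`{"type": "object"}`), accept))
	fmt.Println(checkAndValidate([]byte(`[{"type": "object"}]`), accept))
	fmt.Println(checkAndValidate([]byte(`{"type": "object"}`), crash))
}
```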
SUSE:SLE-15:Update submitted. Reassign to Frederic for coldpool / helm3
This is an autogenerated message for OBS integration: This bug (1206471) was mentioned in https://build.opensuse.org/request/show/1043303 Factory / helm
SUSE-SU-2022:4606-1: An update that fixes 5 vulnerabilities is now available.
Category: security (moderate)
Bug References: 1181419,1206467,1206469,1206471
CVE References: CVE-2021-21272,CVE-2022-1996,CVE-2022-23524,CVE-2022-23525,CVE-2022-23526
JIRA References:
Sources used:
openSUSE Leap 15.4 (src): helm-3.10.3-150000.1.13.1
openSUSE Leap 15.3 (src): helm-3.10.3-150000.1.13.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (src): helm-3.10.3-150000.1.13.1
SUSE Linux Enterprise Module for Containers 15-SP4 (src): helm-3.10.3-150000.1.13.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Hi Frederic, any updates here? Thanks :)
This is an autogenerated message for OBS integration: This bug (1206471) was mentioned in https://build.opensuse.org/request/show/1066971 Backports:SLE-15-SP4 / helm
Will submit for SUSE:SLE-15-SP1:Update:Products:CASP40:Update/helm3. I believe all fixed from coldpool side.
SUSE-SU-2024:0056-1: An update that solves one vulnerability can now be installed.
Category: security (low)
Bug References: 1206471
CVE References: CVE-2022-23526
Sources used:
SUSE CaaS Platform 4.0 (src): helm3-3.3.3-150100.1.15.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
done, closing