CVE-2023-47108

ADVISORY - github

Summary

The grpc Unary Server Interceptor opentelemetry-go-contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go

// UnaryServerInterceptor returns a grpc.UnaryServerInterceptor suitable
// for use in a grpc.NewServer call.
func UnaryServerInterceptor(opts ...Option) grpc.UnaryServerInterceptor {

out of the box adds labels

net.peer.sock.addr
net.peer.sock.port

that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent.

Details

An attacker can easily flood the peer address and port for requests.

PoC

Apply the attached patch to the example and run the client multiple times. Observe how each request will create a unique histogram and how the memory consumption increases during it.

Impact

In order to be affected, the program has to configure a metrics pipeline, use UnaryServerInterceptor, and does not filter any client IP address and ports via middleware or proxies, etc.

Others

It is similar to already reported vulnerabilities.

GHSA-rcjv-mgp8-qvmr (open-telemetry/opentelemetry-go-contrib)

Workaround for affected versions

As a workaround to stop being affected, a view removing the attributes can be used.

The other possibility is to disable grpc metrics instrumentation by passing otelgrpc.WithMeterProvider option with noop.NewMeterProvider.

Solution provided by upgrading

In PR #4322, to be released with v0.46.0, the attributes were removed.

References

#4322

EPSS Score⁠: 0.00088 (0.383)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - github

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

Impacted images

Advisories

GitHub

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDGHSA-8pgv-569h-w5rw⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

7.5high

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	golang	-	-	<0.46.0	0.46.0

CVSS:3 Severity and metrics

The CVSS metrics represent different qualitative aspects of a vulnerability that impact the overall score, as defined by the CVSS Specification⁠.

Attack Vector (AV)
Network

The vulnerable component is bound to the network stack, but the attack is limited at the protocol level to a logically adjacent topology. This can mean an attack must be launched from the same shared physical (e.g., Bluetooth or IEEE 802.11) or logical (e.g., local IP subnet) network, or from within a secure or otherwise limited administrative domain (e.g., MPLS, secure VPN to an administrative network zone). One example of an Adjacent attack would be an ARP (IPv4) or neighbor discovery (IPv6) flood leading to a denial of service on the local LAN segment (e.g., CVE-2013-6014).

Attack Complexity (AC)
Low

Specialized access conditions or extenuating circumstances do not exist. An attacker can expect repeatable success when attacking the vulnerable component.

Privileges Required (PR)
None

The attacker is unauthorized prior to attack, and therefore does not require any access to settings or files of the vulnerable system to carry out an attack.

User Interaction (UI)
None

The vulnerable system can be exploited without interaction from any user.

Scope (S)
Unchanged

An exploited vulnerability can only affect resources managed by the same security authority. In this case, the vulnerable component and the impacted component are either the same, or both are managed by the same security authority.

Confidentiality (C)
None

There is no loss of confidentiality.

Integrity (I)
None

There is no loss of trust or accuracy within the impacted component.

Availability (A)
High

There is a total loss of availability, resulting in the attacker being able to fully deny access to resources in the impacted component; this loss is either sustained (while the attacker continues to deliver the attack) or persistent (the condition persists even after the attack has completed). Alternatively, the attacker has the ability to deny some availability, but the loss of availability presents a direct, serious consequence to the impacted component.

NIST

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY IDCVE-2023-47108⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

7.5high

Ubuntu

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2023-47108⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

GoLang

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDGO-2023-2331⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

GitLab

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CVE-2023-47108

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-937⁠

CVSS SCORE

N/Aunspecified

Amazon

CREATED

9 months ago

UPDATED

7 months ago

ADVISORY IDALAS2023-2024-498⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

9 months ago

UPDATED

7 months ago

ADVISORY IDALAS2-2024-2424⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-pxp9-vcpx-c9gv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-qcg5-9m5x-fr6w

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-r8jw-h755-9w74

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-vjj6-53w2-5j3x

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-vhgm-j33m-pp4m

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY ID

CGA-vwc2-jf2w-fxjp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-wm75-8mm3-grrc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

CGA-w4g8-fq43-cj36

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-x4r6-3jhh-2h6f

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-xcfj-23mp-rgxx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-www6-wg4f-cp3w

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-xj35-w6rj-qj5r

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-xxvv-x9hc-cprv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CGA-wvf3-f4c4-5px5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY ID

CGA-2f62-c37v-36ch

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-49w7-5qh9-mhj3

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-47f7-3fcw-jgwf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY ID

CGA-4724-gqwp-98cg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY ID

CGA-57h2-x7p8-6cv9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-93vq-hhw7-gpmj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-9p5f-vr5c-fg78

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-chgm-c93p-4fx5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-c7wx-f339-pq6c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-fq2c-pwr2-7xjm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-fhj5-vmvm-65wx

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-g5v2-x88p-vcmg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY ID

CGA-gw7m-mhvq-98vj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY ID

CGA-hjqc-9fvr-hx3h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-hwmp-8m7m-62vm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-j7wv-5m2f-gwvg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-j5cg-4f4c-pj84

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-jxx8-chxx-qf74

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY ID

CGA-m6qm-g2p7-5x2j

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-mq4m-5c88-mp2v

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-mpvf-vpc6-gqrj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

11 months ago

UPDATED

11 months ago

ADVISORY ID

CGA-p6p3-r9mx-g3mv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY ID

CGA-p9gj-9f4f-q6m5

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

CVE-2023-47108

Summary

Summary

Details

PoC

Impact

Others

Workaround for affected versions

Solution provided by upgrading

References

Common Weakness Enumeration (CWE)

CWE-770⁠

CWE-770⁠

CWE-1035⁠

CWE-937⁠

Advisories

GitHub

CVSS SCORE

Attack Vector (AV)Network

Attack Complexity (AC)Low

Privileges Required (PR)None

User Interaction (UI)None

Scope (S)Unchanged

Confidentiality (C)None

Integrity (I)None

Availability (A)High

NIST

CVSS SCORE

Ubuntu

CVSS SCORE

GoLang

GitLab

CVSS SCORE

Amazon

CVSS SCORE

Amazon

CVSS SCORE

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Chainguard

Attack Vector (AV)
Network

Attack Complexity (AC)
Low

Privileges Required (PR)
None

User Interaction (UI)
None

Scope (S)
Unchanged

Confidentiality (C)
None

Integrity (I)
None

Availability (A)
High