CGA-2ch4-jc28-3q82

Summary

Rancher allows an unauthenticated stack overflow in /v3-public/authproviders API

Description

Impact

An unauthenticated stack overflow crash, leading to a denial of service (DoS), was identified in Rancher’s /v3-public/authproviders public API endpoint. A malicious user could submit data to the API which would cause the Rancher server to crash, but no malicious or incorrect data would actually be written in the API. The downstream clusters, i.e., the clusters managed by Rancher, are not affected by this issue.

This vulnerability affects those using external authentication providers as well as Rancher’s local authentication.

Patches

The patch includes the removal of unnecessary HTTP methods of the specific API.

Patched versions include releases v2.8.13, v2.9.7 and v2.10.3.

Workarounds

There are no workarounds for this issue. Users are recommended to upgrade, as soon as possible, to a version of Rancher Manager that contains the fix.

References

If you have any questions or comments about this advisory:

• Reach out to the SUSE Rancher Security team for security related inquiries.
• Open an issue in the Rancher repository.
• Verify with our support matrix and product support lifecycle.