In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
Weakness
Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Resteasy | Redhat | 3.15.4 (including) | 3.15.4 (including) |
| Resteasy | Redhat | 4.7.7 (including) | 4.7.7 (including) |
| Resteasy | Redhat | 5.0.5 (including) | 5.0.5 (including) |
| Resteasy | Redhat | 6.2.2 (including) | 6.2.2 (including) |
| AMQ Broker 7.10.3 | RedHat | RESTEasy | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-hub-rhel8:6.1.4-2 | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-operator-bundle:6.1.4-3 | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-pathfinder-rhel8:6.1.4-1 | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-rhel8-operator:6.1.4-3 | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-ui-rhel8:6.1.4-2 | * |
| MTA-6.1-RHEL-8 | RedHat | mta/mta-windup-addon-rhel8:6.1.4-2 | * |
| Red Hat AMQ Streams 2.5.0 | RedHat | * | |
| Red Hat JBoss Enterprise Application Platform 7 | RedHat | RESTEasy | * |
| Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8 | RedHat | eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el8eap | * |
| Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9 | RedHat | eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el9eap | * |
| Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7 | RedHat | eap7-resteasy-0:3.15.5-1.Final_redhat_00001.1.el7eap | * |
| Red Hat Single Sign-On 7 | RedHat | RESTEasy | * |
| Red Hat Single Sign-On 7.6 for RHEL 7 | RedHat | rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el7sso | * |
| Red Hat Single Sign-On 7.6 for RHEL 8 | RedHat | rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el8sso | * |
| Red Hat Single Sign-On 7.6 for RHEL 9 | RedHat | rh-sso7-keycloak-0:18.0.7-1.redhat_00001.1.el9sso | * |
| RHEL-8 based Middleware Containers | RedHat | rh-sso-7/sso76-openshift-rhel8:7.6-22 | * |
| RHPAM 7.13.4 async | RedHat | RESTEasy | * |
| RHPAM 7.13.5 async | RedHat | RESTEasy | * |
| Resteasy | Ubuntu | devel | * |
| Resteasy | Ubuntu | esm-apps/focal | * |
| Resteasy | Ubuntu | esm-apps/jammy | * |
| Resteasy | Ubuntu | esm-apps/noble | * |
| Resteasy | Ubuntu | esm-apps/xenial | * |
| Resteasy | Ubuntu | focal | * |
| Resteasy | Ubuntu | jammy | * |
| Resteasy | Ubuntu | kinetic | * |
| Resteasy | Ubuntu | lunar | * |
| Resteasy | Ubuntu | mantic | * |
| Resteasy | Ubuntu | noble | * |
| Resteasy | Ubuntu | oracular | * |
| Resteasy | Ubuntu | plucky | * |
| Resteasy | Ubuntu | questing | * |
| Resteasy | Ubuntu | trusty | * |
| Resteasy | Ubuntu | upstream | * |
| Resteasy | Ubuntu | xenial | * |
| Resteasy3.0 | Ubuntu | bionic | * |
| Resteasy3.0 | Ubuntu | devel | * |
| Resteasy3.0 | Ubuntu | esm-apps/bionic | * |
| Resteasy3.0 | Ubuntu | esm-apps/focal | * |
| Resteasy3.0 | Ubuntu | esm-apps/jammy | * |
| Resteasy3.0 | Ubuntu | esm-apps/noble | * |
| Resteasy3.0 | Ubuntu | focal | * |
| Resteasy3.0 | Ubuntu | jammy | * |
| Resteasy3.0 | Ubuntu | kinetic | * |
| Resteasy3.0 | Ubuntu | lunar | * |
| Resteasy3.0 | Ubuntu | mantic | * |
| Resteasy3.0 | Ubuntu | noble | * |
| Resteasy3.0 | Ubuntu | oracular | * |
| Resteasy3.0 | Ubuntu | plucky | * |
| Resteasy3.0 | Ubuntu | questing | * |
| Resteasy3.0 | Ubuntu | trusty | * |
| Resteasy3.0 | Ubuntu | upstream | * |
| Resteasy3.0 | Ubuntu | xenial | * |
Potential Mitigations
References
- https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56
- https://security.netapp.com/advisory/ntap-20230427-0001/
- https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56
- https://security.netapp.com/advisory/ntap-20230427-0001/