A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
Weakness
The code uses a cache that contains sensitive information, but the cache can be read by an actor outside of the intended control sphere.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat OpenShift Container Platform 4.13 | RedHat | openshift4/ose-coredns:v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8 | * |
| Red Hat OpenShift Container Platform 4.14 | RedHat | openshift4/ose-coredns:v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8 | * |
| Red Hat OpenShift Container Platform 4.15 | RedHat | openshift4/ose-coredns-rhel9:v4.15.0-202407230407.p0.g1326282.assembly.stream.el9 | * |
| Red Hat OpenShift Container Platform 4.16 | RedHat | openshift4/ose-coredns-rhel9:v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9 | * |
Potential Mitigations
Related Attack Patterns
References
- https://access.redhat.com/errata/RHSA-2024:0041
- https://access.redhat.com/errata/RHSA-2024:4850
- https://access.redhat.com/errata/RHSA-2024:6009
- https://access.redhat.com/errata/RHSA-2024:6406
- https://access.redhat.com/security/cve/CVE-2024-0874
- https://bugzilla.redhat.com/show_bug.cgi?id=2219234
- https://github.com/coredns/coredns/issues/6186
- https://github.com/coredns/coredns/pull/6354
- https://access.redhat.com/errata/RHSA-2024:0041
- https://access.redhat.com/security/cve/CVE-2024-0874
- https://bugzilla.redhat.com/show_bug.cgi?id=2219234
- https://github.com/coredns/coredns/issues/6186
- https://github.com/coredns/coredns/pull/6354