CVE-2023-41378

Calico Typha hangs during unclean TLS handshake

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below), and Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 and below), a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake() call is performed inside the main server handle for loop without any timeout allowing an unclean TLS handshake to block the main loop indefinitely while other connections will be idle waiting for that handshake to finish.

En determinadas condiciones para Calico Typha (v3.26.2, v3.25.1 y anteriores) y Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 y siguientes), un protocolo de enlace TLS del cliente puede bloquear el servidor Calico Typha indefinidamente, resultando en denegación de servicio. La llamada TLS Handshake() se realiza dentro del bucle for del identificador del servidor principal sin ningún tiempo de espera, lo que permite que un protocolo de enlace TLS sucio bloquee el bucle principal indefinidamente mientras que otras conexiones estarán inactivas esperando a que finalice ese protocolo de enlace.

*Credits: Rodrigo Fior Kuntzer (Github: rodrigorfk), Anthony Tam, Behnam Shobiri, Shaun Crampton, Matt Dupre

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-08-29 CVE Reserved
2023-11-06 CVE Published
2024-09-05 CVE Updated
2024-11-12 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption
CWE-703: Improper Check or Handling of Exceptional Conditions
CWE-755: Improper Handling of Exceptional Conditions

CAPEC

References (3)

URL	Tag	Source
https://github.com/projectcalico/calico/pull/7908	Issue Tracking

URL	Date	SRC

URL	Date	SRC
https://github.com/projectcalico/calico/pull/7993	2023-11-14

URL	Date	SRC
https://www.tigera.io/security-bulletins-tta-2023-001	2023-11-14

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Tigera Search vendor "Tigera"		Calico Cloud Search vendor "Tigera" for product "Calico Cloud"				< 18.0.0 Search vendor "Tigera" for product "Calico Cloud" and version " < 18.0.0"		-		Affected
Tigera Search vendor "Tigera"		Calico Enterprise Search vendor "Tigera" for product "Calico Enterprise"				< 3.15.4 Search vendor "Tigera" for product "Calico Enterprise" and version " < 3.15.4"		-		Affected
Tigera Search vendor "Tigera"		Calico Enterprise Search vendor "Tigera" for product "Calico Enterprise"				>= 3.16.0 < 3.16.4 Search vendor "Tigera" for product "Calico Enterprise" and version " >= 3.16.0 < 3.16.4"		-		Affected
Tigera Search vendor "Tigera"		Calico Enterprise Search vendor "Tigera" for product "Calico Enterprise"				>= 3.17.0 < 3.17.2 Search vendor "Tigera" for product "Calico Enterprise" and version " >= 3.17.0 < 3.17.2"		-		Affected
Tigera Search vendor "Tigera"		Calico Os Search vendor "Tigera" for product "Calico Os"				< 3.25.2 Search vendor "Tigera" for product "Calico Os" and version " < 3.25.2"		-		Affected
Tigera Search vendor "Tigera"		Calico Os Search vendor "Tigera" for product "Calico Os"				>= 3.26.0 < 3.26.3 Search vendor "Tigera" for product "Calico Os" and version " >= 3.26.0 < 3.26.3"		-		Affected