CVE-2023-2253
Denial of Service vulnerability in github.com/docker/distribution
What is CVE-2023-2253 About?
This vulnerability allows a Denial of Service attack against systems running a distribution build from a specific commit in a memory-restricted environment. A crafted request to the `/v2/_catalog` API endpoint can make the system unresponsive. Exploitation likely involves repeated or specially formed requests that trigger resource exhaustion.
Affected Software
- github.com/docker/distribution: versions <2.8.2-beta.1
- github.com/distribution/distribution: versions <2.8.2-beta.1+incompatible
Technical Details
The vulnerability is a Denial of Service (DoS) that affects systems running a distribution built after a certain commit in a memory-restricted environment. It is triggered by a specially crafted request to the `/v2/_catalog` API endpoint. While handling that request, the endpoint consumes excessive system resources (likely memory or CPU cycles) because of inefficient processing or an algorithmic complexity issue, causing the service to become unresponsive or crash. The constrained memory environment makes resource exhaustion easier to achieve. The attack vector is an HTTP request to the `/v2/_catalog` endpoint.
What is the Impact of CVE-2023-2253?
Successful exploitation may allow attackers to render the affected system or application unavailable, leading to service disruption and operational downtime.
What is the Exploitability of CVE-2023-2253?
Exploitation requires crafting a specific request to the `/v2/_catalog` API endpoint. The complexity is likely moderate: some understanding of the endpoint's expected input, and of how to manipulate it to trigger resource exhaustion, is needed. No authentication or privilege requirements are mentioned, so any unauthenticated user able to send requests to this endpoint could potentially exploit it; this is a remote exploitation scenario. The key preconditions are that the system runs a distribution built after a specific commit and operates in a memory-restricted environment. Risk is higher for publicly exposed systems that meet these criteria, since attackers have easy access to the vulnerable API endpoint.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2023-2253?
Available Upgrade Options
- github.com/distribution/distribution: <2.8.2-beta.1+incompatible → upgrade to 2.8.2-beta.1+incompatible
- github.com/docker/distribution: <2.8.2-beta.1 → upgrade to 2.8.2-beta.1
Additional Resources
- https://lists.debian.org/debian-lts-announce/2023/06/msg00035.html
- https://bugzilla.redhat.com/show_bug.cgi?id=2189886
- https://github.com/advisories/GHSA-hqxw-f8mx-cpmw
- https://github.com/distribution/distribution/security/advisories/GHSA-hqxw-f8mx-cpmw
- https://osv.dev/vulnerability/GHSA-hqxw-f8mx-cpmw
- https://github.com/distribution/distribution
- https://github.com/distribution/distribution/commit/f55a6552b006a381d9167e328808565dd2bf77dc
What are Similar Vulnerabilities to CVE-2023-2253?
Similar Vulnerabilities: CVE-2023-45588, CVE-2023-32001, CVE-2023-29471, CVE-2023-27329, CVE-2023-36665
