Candidate: CVE-2021-43304
PublicDate: 2022-03-14 23:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43304
 https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v21.9.1.7685)
 https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v21.9.1.7685)
 https://github.com/ClickHouse/ClickHouse/pull/27136
 https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/
 https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms
Description:
 Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a
 malicious query. There is no verification that the copy operations in the
 LZ4::decompressImpl loop and especially the arbitrary copy operation
 wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination
 buffer’s limits.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008216
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_clickhouse:
upstream_clickhouse: needs-triage
trusty_clickhouse: ignored (out of standard support)
xenial_clickhouse: ignored (out of standard support)
focal_clickhouse: not-affected (code not present)
impish_clickhouse: needs-triage