CVE-2018-20615

Published: Mar 21, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.

Affected (23)

Products: Haproxy: Haproxy · Opensuse: Leap · Canonical: Ubuntu Linux · +1 more

Show all products

Haproxy: Haproxy · Opensuse: Leap · Canonical: Ubuntu Linux · Redhat: Enterprise Linux, Openshift Container Platform

1 product

1 product

1 product

2 products

Openshift Container Platform

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Haproxy Haproxy	From 1.8.0 to 1.8.19
Haproxy Haproxy	Version 1.9.0
Haproxy Haproxy	Version 1.9.0 dev0
Haproxy Haproxy	Version 1.9.0 dev10
Haproxy Haproxy	Version 1.9.0 dev11
Haproxy Haproxy	Version 1.9.0 dev1
Haproxy Haproxy	Version 1.9.0 dev2
Haproxy Haproxy	Version 1.9.0 dev3
Haproxy Haproxy	Version 1.9.0 dev4
Haproxy Haproxy	Version 1.9.0 dev5
Haproxy Haproxy	Version 1.9.0 dev6
Haproxy Haproxy	Version 1.9.0 dev7
Haproxy Haproxy	Version 1.9.0 dev8
Haproxy Haproxy	Version 1.9.0 dev9

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 18.10

Configuration D

5 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 7.4
Redhat Enterprise Linux	Version 7.5
Redhat Enterprise Linux	Version 7.6
Redhat Openshift Container Platform	Version 3.11