Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-12
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.
Products | Ubuntu_linux, Haproxy, Openshift_container_platform |
Type | Out-of-bounds Read (CWE-125) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.securityfocus.com/bid/106223
• http://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=efbbdf72992cd20458259962346044cafd9331c0 • https://access.redhat.com/errata/RHBA-2019:0326 • https://lists.debian.org/debian-lts-announce/2022/05/msg00045.html • https://access.redhat.com/errata/RHBA-2019:0327 |