Vulnerability CVE-2020-11100: Information

Description

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2020-11100
Published: April 2, 2020
Modified: Nov. 7, 2023
Error type identifier: CWE-787

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
haproxysisyphus2.2.8-alt12.8.9-alt1ALT-PU-2021-1066-1264883Fixed
haproxyp102.2.8-alt12.6.17-alt1ALT-PU-2021-1066-1264883Fixed
haproxyc10f12.2.8-alt12.6.15-alt1ALT-PU-2021-1066-1264883Fixed
haproxyc9f22.0.20-alt12.8.2-alt1ALT-PU-2021-2130-1276674Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://lists.debian.org/debian-security-announce/2020/msg00052.html
  • Mailing List
  • Third Party Advisory
http://www.haproxy.org
  • Vendor Advisory
https://www.haproxy.org/download/2.1/src/CHANGELOG
  • Release Notes
  • Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1819111
  • Issue Tracking
  • Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1168023
  • Issue Tracking
  • Third Party Advisory
openSUSE-SU-2020:0444
  • Mailing List
  • Third Party Advisory
DSA-4649
  • Third Party Advisory
USN-4321-1
  • Third Party Advisory
http://packetstormsecurity.com/files/157323/haproxy-hpack-tbl.c-Out-Of-Bounds-Write.html
  • Third Party Advisory
  • VDB Entry
GLSA-202012-22
  • Third Party Advisory
https://www.mail-archive.com/haproxy%40formilux.org/msg36876.html
    https://git.haproxy.org/?p=haproxy.git%3Ba=commit%3Bh=5dfc5d5cd0d2128d77253ead3acf03a421ab5b88
      FEDORA-2020-16cd111544
        FEDORA-2020-13fd8b1721

            1. Configuration 1

              cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*
              Start including
              1.8.0
              End excliding
              2.1.4

              Configuration 2

              cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

              Configuration 3

              cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
              cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

              Configuration 4

              cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
              cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

              Configuration 5

              cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
              cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

              Configuration 6

              cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.1
          Back to top