CVE-2018-19115: keepalived has a Heap-based buffer overflow vulnerability
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Mawrer Amed Ramirez Martinez |
Bug Description
Title
-----
CVE-2018-19115: keepalived has a Heap-based buffer overflow vulnerability
Brief Description
-----------------
Heap-based buffer overflow vulnerability in extract_
+------
| CVE-2018-19115 | |
+------
| Max Score | 9.8 CRITICAL (nvd) |
| nvd | 9.8/CVSS:
| redhat | 8.1/CVSS:
| nvd | 7.5/AV:
| Summary | keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP |
| | status codes resulting in DoS or possibly unspecified other impact, because |
| | extract_status_code in lib/html.c has no validation of the status code and |
| | instead writes an unlimited amount of data to the heap. |
| CWE | CWE-122: Heap-based Buffer Overflow (redhat) |
| CWE | CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer |
| | (nvd) |
| Affected Pkg | keepalived-
| Confidence | 100 / OvalMatch |
| Source | https:/
| CVSSv2 Calc | https:/
| CVSSv3 Calc | https:/
| RHEL-CVE | https:/
| CWE | https:/
| CWE | https:/
+------
Severity
--------
<Major: System/Feature is usable but degraded>
Steps to Reproduce
------------------
N/A
Expected Behavior
------------------
N/A
Actual Behavior
----------------
N/A
Reproducibility
---------------
N/A
System Configuration
-------
N/A
Branch/Pull Time/Commit
-------
N/A
Timestamp/Logs
--------------
N/A
CVE References
Changed in starlingx: | |
importance: | Undecided → High |
tags: | added: stx.2019.05 stx.security |
Changed in starlingx: | |
assignee: | nobody → Cesar Lara (clara1) |
Changed in starlingx: | |
status: | New → Triaged |
tags: | added: stx.build |
tags: |
added: stx.2.0 removed: stx.2019.05 |
Changed in starlingx: | |
status: | Triaged → Fix Released |
assignee: | Cesar Lara (clara1) → Mawrer Amed Ramirez Martinez (marami3) |
information type: | Private Security → Public |
This CVE was fixed upstream on Jan 3rd. Please update the following package to fix this CVE:
keepalived- 1.3.5-6. el7 -> 1.3.5-8.el7_6 (updates)