CVE-2020-15112
Published 2020-08-05
Priority: P4 · CVSS 3.1: 6.5 (medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS: 1.26% (65.8th percentile)
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | etcd | < etcd 3.3.25+dfsg-5 (bookworm) | etcd 3.3.25+dfsg-5 (bookworm) |
| etcd-io | etcd | < 3.3.23 | 3.3.23 |
| etcd-io | etcd | < 3.4.10 | 3.4.10 |
| etcd | etcd | < 3.3.23 | 3.3.23 |
| etcd | etcd | >= 0 < 3.3.25+dfsg-5 | 3.3.25+dfsg-5 |
| etcd | etcd | >= 0 < 3.3.25+dfsg-5 | 3.3.25+dfsg-5 |
| etcd | etcd | >= 0 < 3.3.25+dfsg-5 | 3.3.25+dfsg-5 |
| etcd | etcd | >= 0 < 3.3.25+dfsg-5 | 3.3.25+dfsg-5 |
| etcd | etcd | >= 0 < 3.2.26+dfsg-6ubuntu0.1 | 3.2.26+dfsg-6ubuntu0.1 |
| etcd | etcd | >= 0 < 3.2.17+dfsg-1ubuntu0.1~esm1 | 3.2.17+dfsg-1ubuntu0.1~esm1 |
| etcd | etcd | >= 3.4.0 < 3.4.10 | 3.4.10 |
| fedoraproject | fedora | — | — |
| go.etcd.io | etcd | >= 0 < 0.5.0-alpha.5.0.20200423152442-f4b650b51dc4 | 0.5.0-alpha.5.0.20200423152442-f4b650b51dc4 |
| go.etcd.io | etcd_v3 | >= 0 < 3.3.23 | 3.3.23 |
| go.etcd.io | etcd_v3 | >= 3.4.0 < 3.4.10 | 3.4.10 |
| msrc | cbl2_etcd_3.5.0-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
| osv | — | 6.5 | MEDIUM | — |
| vendor_debian | — | 6.5 | MEDIUM | — |
| vendor_msrc | — | 6.5 | MEDIUM | — |
| vendor_redhat | — | 6.5 | MEDIUM | — |
| vendor_ubuntu | — | 6.5 | MEDIUM | — |
OSV
Panic due to malformed WALs in go.etcd.io/etcd
osv·2023-02-07
CVE-2020-15106 [LOW] Panic due to malformed WALs in go.etcd.io/etcd
Panic due to malformed WALs in go.etcd.io/etcd
### Vulnerability type
Data Validation
### Detail
The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.
### Specific Go Packages Affected
github.com/etcd-io/etcd/wal
### References
Find out more on this vulnerability in the [security audit report](https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf)
### For more information
If you have any questions or comments about this advisory:
* Contact the [etcd security committee](https://github.com/etcd-io/etcd/blob/master/security/security-release-process.md)
GHSA
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
ghsa·2022-10-06
CVE-2020-15112 [MEDIUM] CWE-129 etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
### Vulnerability type
Data Validation
### Detail
In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
### References
Find out more on this vulnerability in the [security audit report](https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf)
### For more information
If you have any questions or comments about this advisory:
* Contact the [etcd security committee](https://github.com/etcd-io/etcd/blob/master/security/security-release-process.md)
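The two advisory details above describe the same class of defect from two angles: a frame length taken from the file and used without validation (the CVE-2020-15106 record), and an entry index that can exceed the number of entries already read and is then used as a position (this record). As an added illustration, not etcd's own code, here is a small Go reader over a constructed toy WAL layout that fails closed on both conditions. The frame format, the `maxFrameSize` cap and all names are assumptions of this example and do not reflect etcd's real encoding or its fix.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Constructed toy WAL layout (an assumption for this example, not etcd's encoding):
// a file is a sequence of frames "uint64 length || payload", and each payload is
// "uint64 index || data".
type entry struct {
	index uint64
	data  []byte
}

// maxFrameSize bounds how much a single length field may make us allocate or slice.
// The 1 MiB value is an assumption for this example.
const maxFrameSize = 1 << 20

var (
	errTruncated  = errors.New("wal: frame extends past end of file")
	errFrameSize  = errors.New("wal: frame length exceeds maximum")
	errShortEntry = errors.New("wal: entry payload shorter than its index header")
	errIndexOrder = errors.New("wal: entry index outside contiguous range")
)

// lengthPrefix encodes a frame length; exposed so test input can be built.
func lengthPrefix(n uint64) []byte {
	b := make([]byte, 8)
	binary.LittleEndian.PutUint64(b, n)
	return b
}

// encodeEntry builds one well-formed frame; used only to construct sample input.
func encodeEntry(index uint64, data []byte) []byte {
	payload := append(lengthPrefix(index), data...) // index is also a uint64
	return append(lengthPrefix(uint64(len(payload))), payload...)
}

// readAll decodes every entry starting at firstIndex. An entry's index must lie
// in [firstIndex, firstIndex+len(ents)]: the next expected index appends, a lower
// index overwrites from that position (a log truncation), and anything beyond the
// end is rejected instead of being used as a slice position that would panic.
func readAll(wal []byte, firstIndex uint64) ([]entry, error) {
	var ents []entry
	for off := 0; off < len(wal); {
		if len(wal)-off < 8 {
			return nil, errTruncated
		}
		n := binary.LittleEndian.Uint64(wal[off:])
		off += 8
		// Validate the file-controlled length before allocating or slicing on it.
		if n > maxFrameSize {
			return nil, errFrameSize
		}
		if n > uint64(len(wal)-off) {
			return nil, errTruncated
		}
		payload := wal[off : off+int(n)]
		off += int(n)
		if len(payload) < 8 {
			return nil, errShortEntry
		}
		idx := binary.LittleEndian.Uint64(payload)
		if idx < firstIndex || idx-firstIndex > uint64(len(ents)) {
			return nil, fmt.Errorf("%w: index %d with %d entries from %d",
				errIndexOrder, idx, len(ents), firstIndex)
		}
		pos := int(idx - firstIndex) // guaranteed <= len(ents) by the check above
		e := entry{index: idx, data: append([]byte(nil), payload[8:]...)}
		ents = append(ents[:pos], e)
	}
	return ents, nil
}

func main() {
	good := append(encodeEntry(1, []byte("a")), encodeEntry(2, []byte("b"))...)
	ents, err := readAll(good, 1)
	fmt.Println("valid:", len(ents), err)

	jump := append(append([]byte{}, good...), encodeEntry(10, nil)...)
	_, err = readAll(jump, 1)
	fmt.Println("index jump:", err)

	_, err = readAll(lengthPrefix(1<<40), 1) // length field claims 1 TiB
	fmt.Println("oversized frame:", err)
}
```

The point of the structure is that a malformed WAL surfaces as a returned error during recovery, which an operator can log and alert on, rather than as a runtime panic that takes the consensus participant down.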
OSV
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
osv·2022-10-06
CVE-2020-15106 [MEDIUM] etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic
### Vulnerability type
Data Validation
### Detail
In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
### References
Find out more on this vulnerability in the [security audit report](https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf)
### For more information
If you have any questions or comments about this advisory:
* Contact the [etcd security committee](https://github.com/etcd-io/etcd/blob/master/security/security-release-process.md)
OSV
etcd vulnerabilities
osv·2022-09-22·CVSS 6.5
CVE-2020-15106 [MEDIUM] etcd vulnerabilities
etcd vulnerabilities
It was discovered that etcd incorrectly handled certain specially crafted
WAL files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when
trying to create a directory that exists already. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An
attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15114)
OSV
etcd vulnerabilities
osv·2022-09-22·CVSS 6.5
CVE-2020-15106 [MEDIUM] etcd vulnerabilities
etcd vulnerabilities
USN-5628-1 fixed vulnerabilities in etcd.
This update provides the corresponding updates for Ubuntu 18.04 ESM.
Original advisory details:
It was discovered that etcd incorrectly handled certain specially crafted
WAL files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when
trying to create a directory that exists already. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An
attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15114)
OSV
Panic due to malformed WALs in go.etcd.io/etcd
osv·2021-04-14
CVE-2020-15106 Panic due to malformed WALs in go.etcd.io/etcd
Panic due to malformed WALs in go.etcd.io/etcd
Malformed WALs can be constructed such that WAL.ReadAll can cause attempted out of bounds reads, or creation of arbitrarily sized slices, which may be used as a DoS vector.
OSV
CVE-2020-15112: In etcd before versions 3
osv·2020-08-05·CVSS 6.5
CVE-2020-15112 [MEDIUM] CVE-2020-15112: In etcd before versions 3
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
Ubuntu
etcd vulnerabilities
vendor_ubuntu·2022-09-22·CVSS 6.5
CVE-2020-15113 [MEDIUM] etcd vulnerabilities
Title: etcd vulnerabilities
Summary: Several security issues were fixed in etcd.
It was discovered that etcd incorrectly handled certain specially crafted
WAL files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when
trying to create a directory that exists already. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An
attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15114)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
etcd vulnerabilities
vendor_ubuntu·2022-09-22·CVSS 6.5
CVE-2020-15113 [MEDIUM] etcd vulnerabilities
Title: etcd vulnerabilities
Summary: Several security issues were fixed in etcd.
USN-5628-1 fixed vulnerabilities in etcd.
This update provides the corresponding updates for Ubuntu 18.04 ESM.
Original advisory details:
It was discovered that etcd incorrectly handled certain specially crafted
WAL files. An attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15106, CVE-2020-15112)
It was discovered that etcd incorrectly handled directory permissions when
trying to create a directory that exists already. An attacker could
possibly use this issue to obtain sensitive information. (CVE-2020-15113)
It was discovered that etcd incorrectly handled endpoint setup. An
attacker could possibly use this issue to cause a denial of
service. (CVE-2020-15114)
Instructions:
Microsoft
Improper Input Validation in etcd
vendor_msrc·2020-08-11·CVSS 6.5
CVE-2020-15112 [MEDIUM] CWE-129 Improper Input Validation in etcd
Improper Input Validation in etcd
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/e
Red Hat
etcd: DoS in wal/wal.go
vendor_redhat·2020-08-06·CVSS 6.5
CVE-2020-15112 [MEDIUM] CWE-400 etcd: DoS in wal/wal.go
etcd: DoS in wal/wal.go
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
A flaw was found in etcd, where it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This can cause issues when WAL entries are being read during consensus, as an arbitrary etcd consensus participant can go down from a runtime panic when reading the entry. The highest threat from this vulnerability is to system availability.
Statement: In Red Hat OpenShift Container Platform (RHOCP), t
Debian
CVE-2020-15112: etcd - In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index...
vendor_debian·2020·CVSS 6.5
CVE-2020-15112 [MEDIUM] CVE-2020-15112: etcd - In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index...
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
Scope: local
bookworm: resolved (fixed in 3.3.25+dfsg-5)
bullseye: resolved (fixed in 3.3.25+dfsg-5)
forky: resolved (fixed in 3.3.25+dfsg-5)
sid: resolved (fixed in 3.3.25+dfsg-5)
trixie: resolved (fixed in 3.3.25+dfsg-5)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-15112 etcd: DoS in wal/wal.go [fedora-all]
bugzilla·2020-08-14·CVSS 6.5
CVE-2020-15112 [MEDIUM] CVE-2020-15112 etcd: DoS in wal/wal.go [fedora-all]
CVE-2020-15112 etcd: DoS in wal/wal.go [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only one
Bugzilla
CVE-2020-15112 etcd: DoS in wal/wal.go
bugzilla·2020-08-14·CVSS 6.5
CVE-2020-15112 [MEDIUM] CVE-2020-15112 etcd: DoS in wal/wal.go
CVE-2020-15112 etcd: DoS in wal/wal.go
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater than the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
References:
https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93
Discussion:
Created etcd tracking bugs for this issue:
Affects: fedora-all [bug 1868873]
---
External References:
https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93
---
Upstream patch seems to be:
https://github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675
---
Statement:
In Red Hat OpenShift Co
https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/