CVE-2020-24606
published 2020-08-24CVE-2020-24606: Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted…
PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
5.16%
91.4th percentile
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | squid | < squid 4.13-1 (bookworm) | squid 4.13-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| opensuse | leap | — | — |
| opensuse | leap | — | — |
| squid-cache | squid | >= 3.0 < 4.13 | 4.13 |
| squid-cache | squid | >= 5.0.1 < 5.0.4 | 5.0.4 |
| squid | squid | >= 0 < 4.13-1 | 4.13-1 |
| squid | squid | >= 0 < 4.13-1 | 4.13-1 |
| squid | squid | >= 0 < 4.13-1 | 4.13-1 |
| squid | squid | >= 0 < 4.13-1 | 4.13-1 |
| squid | squid | >= 0 < 4.10-1ubuntu1.2 | 4.10-1ubuntu1.2 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.07.1HIGHAV:N/AC:M/Au:N/C:N/I:N/A:C
osv8.8HIGH
vendor_ubuntu9.9CRITICAL
vendor_debian8.6HIGH
vendor_redhat8.6HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2020-09-28·CVSS 9.9
CVE-2020-15049 [CRITICAL] Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Several security issues were fixed in Squid.
Alex Rousskov and Amit Klein discovered that Squid incorrectly handled
certain Content-Length headers. A remote attacker could possibly use this
issue to perform an HTTP request smuggling attack, resulting in cache
poisoning. (CVE-2020-15049)
Amit Klein discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly h
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2020-08-27·CVSS 6.5
CVE-2020-15810 [MEDIUM] Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Several security issues were fixed in Squid.
Amit Klein discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly handled certain Cache
Digest response messages sent by trusted peers. A remote attacker could
possibly use this issue to cause Squid to consume resources, resulting in a
denial of service. (CVE-2020-24606)
Instructions: In general, a standard s
Red Hat
squid: Improper input validation could result in a DoS
vendor_redhat·2020-08-23·CVSS 8.6
CVE-2020-24606 [HIGH] CWE-20 squid: Improper input validation could result in a DoS
squid: Improper input validation could result in a DoS
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
A flaw was found in squid. A denial of service attack is possible due to an improper input validation. The highest threat from this vulnerability is to system availability.
Mitigation: Add the no-digest option to all cache_peer lines in squid.conf
Package: squid (Red Hat Enterprise Linux 5) - Out of support scope
Package: squid (Red Hat Enterprise Linux 6) - Out of support scope
Debian
CVE-2020-24606: squid - Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial o...
vendor_debian·2020·CVSS 8.6
CVE-2020-24606 [HIGH] CVE-2020-24606: squid - Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial o...
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
Scope: local
bookworm: resolved (fixed in 4.13-1)
bullseye: resolved (fixed in 4.13-1)
forky: resolved (fixed in 4.13-1)
sid: resolved (fixed in 4.13-1)
trixie: resolved (fixed in 4.13-1)
OSV
squid3 vulnerabilities
osv·2020-09-28·CVSS 8.8
CVE-2020-15049 [HIGH] squid3 vulnerabilities
squid3 vulnerabilities
Alex Rousskov and Amit Klein discovered that Squid incorrectly handled
certain Content-Length headers. A remote attacker could possibly use this
issue to perform an HTTP request smuggling attack, resulting in cache
poisoning. (CVE-2020-15049)
Amit Klein discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly handled certain Cache
Digest response messages sent by trusted
OSV
squid vulnerabilities
osv·2020-08-27·CVSS 6.5
CVE-2020-15810 [MEDIUM] squid vulnerabilities
squid vulnerabilities
Amit Klein discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
smuggling attack, resulting in cache poisoning. (CVE-2020-15810)
Régis Leroy discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
splitting attack, resulting in cache poisoning. (CVE-2020-15811)
Lubos Uhliarik discovered that Squid incorrectly handled certain Cache
Digest response messages sent by trusted peers. A remote attacker could
possibly use this issue to cause Squid to consume resources, resulting in a
denial of service. (CVE-2020-24606)
OSV
CVE-2020-24606: Squid before 4
osv·2020-08-24·CVSS 7.5
CVE-2020-24606 [HIGH] CVE-2020-24606: Squid before 4
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-24606 squid: Improper input validation could result in a DoS
bugzilla·2020-08-24·CVSS 8.6
CVE-2020-24606 [HIGH] CVE-2020-24606 squid: Improper input validation could result in a DoS
CVE-2020-24606 squid: Improper input validation could result in a DoS
Due to Improper Input Validation Squid is vulnerable to a Denial of Service attack
against the machine operating Squid.
Upstream Advisory:
https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg
Affected Versions: 3.0-4.12, 5.0.1-5.0.3
Fixed Versions: 4.13, 5.0.4
Discussion:
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1871706]
---
Mitigation:
Add the no-digest option to all cache_peer lines in squid.conf
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2020:4082 https://access.redhat.com/errata/RHSA-2020:4082
---
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
Bugzilla
CVE-2020-24606 squid: Improper Input Validation could result in a DoS [fedora-all]
bugzilla·2020-08-24·CVSS 8.6
CVE-2020-24606 [HIGH] CVE-2020-24606 squid: Improper Input Validation could result in a DoS [fedora-all]
CVE-2020-24606 squid: Improper Input Validation could result in a DoS [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported ver
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.htmlhttp://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patchhttps://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jghttps://lists.debian.org/debian-lts-announce/2020/10/msg00005.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/https://security.netapp.com/advisory/ntap-20210219-0007/https://security.netapp.com/advisory/ntap-20210226-0006/https://security.netapp.com/advisory/ntap-20210226-0007/https://usn.ubuntu.com/4477-1/https://usn.ubuntu.com/4551-1/https://www.debian.org/security/2020/dsa-4751http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-09/msg00017.htmlhttp://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_9.patchhttps://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jghttps://lists.debian.org/debian-lts-announce/2020/10/msg00005.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BE6FKUN7IGTIR2MEEMWYDT7N5EJJLZI2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BMTFLVB7GLRF2CKGFPZ4G4R5DIIPHWI3/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJJDI7JQFGQLVNCKMVY64LAFMKERAOK7/https://security.netapp.com/advisory/ntap-20210219-0007/https://security.netapp.com/advisory/ntap-20210226-0006/https://security.netapp.com/advisory/ntap-20210226-0007/https://usn.ubuntu.com/4477-1/https://usn.ubuntu.com/4551-1/https://www.debian.org/security/2020/dsa-4751
2020-08-24
Published