Candidate: CVE-2017-8807
PublicDate: 2017-11-16 02:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8807
 http://varnish-cache.org/security/VSV00002.html
 https://github.com/varnishcache/varnish-cache/pull/2429
 https://bugs.debian.org/881808
 https://github.com/varnishcache/varnish-cache/commit/176f8a075a963ffbfa56f1c460c15f6a1a6af5a7
Description:
 vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache
 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain
 sensitive information from process memory because a VFP_GetStorage buffer
 is larger than intended in certain circumstances involving -sfile Stevedore
 transient objects.
Ubuntu-Description:
 It was discovered that Varnish incorrectly handled certain inputs. A remote
 attacker could possibly use this issue to obtain sensitive information.
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881808
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H [9.1 CRITICAL]


Patches_varnish:
upstream_varnish: released (5.2.1-1)
precise/esm_varnish: DNE
trusty_varnish: not-affected (code not present)
trusty/esm_varnish: not-affected (code not present)
xenial_varnish: ignored (end of standard support, was needed)
zesty_varnish: ignored (reached end-of-life)
artful_varnish: ignored (reached end-of-life)
bionic_varnish: not-affected (5.2.1-1)
cosmic_varnish: not-affected (5.2.1-1)
disco_varnish: not-affected (5.2.1-1)
eoan_varnish: not-affected (5.2.1-1)
focal_varnish: not-affected (5.2.1-1)
groovy_varnish: not-affected (5.2.1-1)
hirsute_varnish: not-affected (5.2.1-1)
impish_varnish: not-affected (5.2.1-1)
jammy_varnish: not-affected (5.2.1-1)
devel_varnish: not-affected (5.2.1-1)