CVE-2018-20102

Priority
Description
An out-of-bounds read in dns_validate_dns_response in dns.c was discovered
in HAProxy through 1.8.14. Due to a missing check when validating DNS
responses, remote attackers might be able to read the 16 bytes corresponding
to an AAAA record from the non-initialized part of the buffer, possibly
accessing anything that was left on the stack, or even past the end of the
8193-byte buffer, depending on the value of accepted_payload_size.
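
The missing check described above, shown as an added C illustration (not HAProxy's code): an unchecked 16-byte AAAA copy beside a version that validates against the number of bytes actually received. All function names and the sample datagram are hypothetical and constructed for this example.

```c
/* Added illustration, not HAProxy code: all function names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define AAAA_RDATA_LEN 16   /* an AAAA record carries a 16-byte IPv6 address */
#define RESP_BUF_SIZE  8193 /* buffer size named in the description */

/* Bug class: copies 16 bytes without asking how much was actually received. */
static void read_aaaa_unchecked(const uint8_t *buf, size_t off, uint8_t *out)
{
    memcpy(out, buf + off, AAAA_RDATA_LEN);
}

/* Hardened form: 0 on success, -1 if the record is malformed or truncated. */
static int read_aaaa_checked(const uint8_t *buf, size_t received, size_t off,
                             size_t rdlength, uint8_t *out)
{
    if (received > RESP_BUF_SIZE || rdlength != AAAA_RDATA_LEN)
        return -1;
    if (off > received || received - off < AAAA_RDATA_LEN)
        return -1;              /* rdata would run past the received bytes */
    memcpy(out, buf + off, AAAA_RDATA_LEN);
    return 0;
}

/* Constructed scenario: a reused buffer full of stale 0xAA bytes receives a
 * 20-byte datagram whose AAAA rdata is claimed to start at offset 12. */
static int stale_bytes_from_unchecked(void)
{
    static uint8_t buf[RESP_BUF_SIZE];
    uint8_t out[AAAA_RDATA_LEN];
    int stale = 0;

    memset(buf, 0xAA, sizeof(buf)); /* leftovers from earlier use */
    memset(buf, 0x01, 20);          /* the bytes actually received */
    read_aaaa_unchecked(buf, 12, out);
    for (size_t i = 0; i < AAAA_RDATA_LEN; i++)
        stale += (out[i] == 0xAA);
    return stale;
}

int main(void)
{
    uint8_t buf[32] = {0}, out[AAAA_RDATA_LEN];
    printf("unchecked read returned %d stale bytes\n", stale_bytes_from_unchecked());
    printf("checked read of truncated record: %d\n",
           read_aaaa_checked(buf, 20, 12, AAAA_RDATA_LEN, out));
    return 0;
}
```

The bound in the checked version is the received length, not the buffer capacity, which is why stale bytes inside the buffer are also rejected.
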
Assigned-to
leosilva
Package
Upstream: released (1.8.15-1)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 LTS (Trusty Tahr): not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus): released (1.6.3-1ubuntu0.2)
Ubuntu 18.04 LTS (Bionic Beaver): released (1.8.8-1ubuntu0.3)
Ubuntu 18.10 (Cosmic Cuttlefish): released (1.8.13-2ubuntu0.1)
Ubuntu 19.04 (Disco Dingo): released (1.8.15-1)
Patches:
Upstream: http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0
More Information

Updated: 2019-01-24 22:14:56 UTC (commit 8089adf1cd02de6be23cb06a7b3d5c9a1f2f884d)