SB2019061124 - Red Hat Software Collections update for rh-haproxy18-haproxy

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2018-11469)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists in the check_request_for_cacheability function of HAProxy due to improper caching of responses for requests that include an authorization header by the check_request_for_cacheability function, as defined in the proto_http.csource code file. A remote attacker can send a specially crafted request and access sensitive information, which could be used to conduct further attacks.

2) Out-of-bounds read (CVE-ID: CVE-2018-20102)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to improper checking of valid DNS responses by the dns_validate_dns_response function, as defined in the dns.c source code file. A remote attacker can send a specially crafted request that submits malicious input, trigger an out-of-bounds read access and obtain sensitive information.

3) Infinite loop (CVE-ID: CVE-2018-20103)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists in the dns_read_name() function, as defined in the src/dns.c source code file due to an error when processing malicious input. A remote attacker can send a specially crafted packet that submits malicious input, make a compressed pointer point to itself trigger an infinite loop and cause the affected software to crash.

Remediation

Install update from vendor's website.

References

• https://access.redhat.com/errata/RHSA-2019:1436