Bug 1223743 (CVE-2023-40533)

Summary: VUL-0: CVE-2023-40533: tinyproxy: uninitialized memory use could result in certain configuration in sensitive information disclosure via crafted HTTP request
Product: [openSUSE] openSUSE Distribution Reporter: SMASH SMASH <smash_bz>
Component: SecurityAssignee: Jan Engelhardt <jengelh>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: andrea.mattiazzo
Version: Leap 15.6   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/403892/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-40533:5.9:(AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-02 12:39:03 UTC 
An uninitialized memory use vulnerability exists in Tinyproxy 1.11.1 while parsing HTTP requests. In certain configurations, a specially crafted HTTP request can result in disclosure of data allocated on the heap, which could contain sensitive information. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-40533
https://www.cve.org/CVERecord?id=CVE-2023-40533
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1902
Comment 1 Andrea Mattiazzo 2024-05-02 12:42:52 UTC 
Seems a duplicate of CVE-2022-40468: https://github.com/tinyproxy/tinyproxy/issues/457

Initialization of variables was added via: https://github.com/tinyproxy/tinyproxy/commit/3764b8551463b900b5b4e3ec0cd9bb9182191cb7

Tracking as affected:
- openSUSE:Backports:SLE-15-SP5/tinyproxy
Comment 2 OBSbugzilla Bot 2024-05-08 20:05:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1223743) was mentioned in
https://build.opensuse.org/request/show/1172808 15.5 / tinyproxy
Comment 3 OBSbugzilla Bot 2024-05-09 11:45:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1223743) was mentioned in
https://build.opensuse.org/request/show/1172919 Backports:SLE-15-SP6 / tinyproxy
https://build.opensuse.org/request/show/1172920 Backports:SLE-15-SP5 / tinyproxy
Comment 4 Marcus Meissner 2024-05-10 16:05:23 UTC 
openSUSE-SU-2024:0119-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1200028,1203553,1223743,1223746
CVE References: CVE-2012-3505,CVE-2017-11747,CVE-2022-40468,CVE-2023-40533,CVE-2023-49606
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP5 (src):    tinyproxy-1.11.2-bp155.3.3.1