Bug 1051917 - VUL-0: varnish: DoS through reachable assert
VUL-0: varnish: DoS through reachable assert
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other openSUSE 42.3
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/189471/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-02 15:08 UTC by Johannes Segitz
Modified: 2020-04-28 13:17 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-08-02 15:08:07 UTC
https://www.varnish-cache.org/security/VSV00001.html#vsv00001

A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert.

This causes the varnishd worker process to abort and restart, loosing the cached contents in the process.

An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack.

Changelog roulette, please reassign to the security team if you don't want to take it.

References:
http://www.debian.org/security/2017/dsa-3924
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870467
Comment 2 Jan Engelhardt 2019-10-06 21:13:02 UTC
42.3 is out of maintenance; 15.0/15.1 has varnish 6.x where it is fixed.
Comment 3 Alexandros Toptsoglou 2020-04-28 13:17:50 UTC
Closing