Bugzilla – Bug 1223746
VUL-0: CVE-2023-49606: tinyproxy: use-after-free vulnerability via crafted HTTP request in remove_connection_headers() in src/reqs.c
Last modified: 2024-05-10 16:05:25 UTC
A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, which leads to memory corruption and could lead to remote code execution. An attacker needs to make an unauthenticated HTTP request to trigger this vulnerability. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-49606 https://www.cve.org/CVERecord?id=CVE-2023-49606 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1889 https://bugzilla.redhat.com/show_bug.cgi?id=2278395
Tracking as affected: - openSUSE:Backports:SLE-15-SP5/tinyproxy 1.8.4 - openSUSE:Backports:SLE-15-SP6/tinyproxy 1.11.1 - openSUSE:Factory/tinyproxy
This is an autogenerated message for OBS integration: This bug (1223746) was mentioned in https://build.opensuse.org/request/show/1172918 Factory / tinyproxy https://build.opensuse.org/request/show/1172919 Backports:SLE-15-SP6 / tinyproxy https://build.opensuse.org/request/show/1172920 Backports:SLE-15-SP5 / tinyproxy
openSUSE-SU-2024:0119-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 1200028,1203553,1223743,1223746 CVE References: CVE-2012-3505,CVE-2017-11747,CVE-2022-40468,CVE-2023-40533,CVE-2023-49606 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): tinyproxy-1.11.2-bp155.3.3.1