Описание
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.
Отчет
This vulnerability only affects configurations with the cache_dir directive enabled. If this directive is not enabled, the Squid server is not vulnerable and no further mitigation is needed. For more information about the mitigation, see the mitigation section below.
The cache_dir directive is disabled by default in Squid shipped in Red Hat Enterprise Linux 6, 7, 8 and 9. Therefore, these Red Hat Enterprise Linux versions are not vulnerable with the default configuration.
Red Hat is not planning to address this issue in Red Hat Enterprise Linux 6 and 7 due to the changes required and the magnitude of the differences between Squid 3 and 4 code bases, backporting the changes to the Squid 3 code base has not been feasible.
We recommend that customers using Squid as a caching proxy on Red Hat Enterprise Linux 6 and 7 to upgrade to Red Hat Enterprise Linux 8 and 9 to use Squid version 4 or version 5, respectively. Alternatively, see the mitigation section below for a way to workaround this vulnerability.
Меры по смягчению последствий
Disabling the disk caching mechanism will mitigate this vulnerability. To achieve this, remove all the 'cache_dir' directives from the Squid configuration, typically in the /etc/squid/squid.conf file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | squid | Will not fix | ||
| Red Hat Enterprise Linux 7 | squid | Will not fix | ||
| Red Hat Enterprise Linux 8 | squid | Fixed | RHSA-2023:7668 | 06.12.2023 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | squid | Fixed | RHSA-2024:0772 | 12.02.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | squid | Fixed | RHSA-2024:0773 | 12.02.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | squid | Fixed | RHSA-2024:0773 | 12.02.2024 |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | squid | Fixed | RHSA-2024:0773 | 12.02.2024 |
| Red Hat Enterprise Linux 8.6 Extended Update Support | squid | Fixed | RHSA-2024:0771 | 12.02.2024 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.
A flaw was found in Squid. The limits applied for validation of HTTP r ...
7.5 High
CVSS3