Описание
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 3.3.23 |
| esm-apps/bionic | released | 3.2.17+dfsg-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 3.2.26+dfsg-6ubuntu0.1 |
| esm-apps/jammy | not-affected | 3.3.23 |
| esm-apps/noble | not-affected | 3.3.23 |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 3.2.26+dfsg-6ubuntu0.1 |
| groovy | ignored | end of life |
Показывать по
EPSS
4 Medium
CVSS2
7.7 High
CVSS3
Связанные уязвимости
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway.
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway.
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simpl ...
Etcd Gateway can include itself as an endpoint resulting in resource exhaustion
EPSS
4 Medium
CVSS2
7.7 High
CVSS3