What is CVE-2018-20102?

CVE-2018-20102 is an out-of-bounds read vulnerability discovered in HAProxy through version 1.8.14.

How severe is CVE-2018-20102?

CVE-2018-20102 has a severity score of 7.5, which is considered high.

Which software is affected by CVE-2018-20102?

The affected software includes HAProxy versions 1.8.14 to 1.8.19, 2.2.9, 2.6.12, and 2.6.15.

How can I fix CVE-2018-20102?

To fix CVE-2018-20102, update HAProxy to version 1.8.19-1+deb10u3, 1.8.19-1+deb10u4, 2.2.9-2+deb11u5, 2.6.12-1, or 2.6.15-1.

Vulnerability/
CVE-2018-20102

high

7.5

CWE

125

12/12/2018

7/11/2023

CVE-2018-20102

Q: Where can I find more information about CVE-2018-20102?

You can find more information about CVE-2018-20102 in the references provided: http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0, http://www.securityfocus.com/bid/106223, https://access.redhat.com/errata/RHBA-2019:0326

First published: Wed Dec 12 2018(Updated: )

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Haproxy Haproxy	<=1.8.14
Canonical Ubuntu Linux	=16.04
Canonical Ubuntu Linux	=18.04
Canonical Ubuntu Linux	=18.10
Redhat Openshift Container Platform	=3.11
ubuntu/haproxy	<1.8.15-1	1.8.15-1
ubuntu/haproxy	<1.6.3-1ubuntu0.2	1.6.3-1ubuntu0.2
ubuntu/haproxy	<1.8.8-1ubuntu0.3	1.8.8-1ubuntu0.3
ubuntu/haproxy	<1.8.13-2ubuntu0.1	1.8.13-2ubuntu0.1
redhat/haproxy	<1.8.15	1.8.15
debian/haproxy		1.8.19-1+deb10u3 1.8.19-1+deb10u5 2.2.9-2+deb11u6 2.6.12-1+deb12u1 2.9.5-1 2.9.7-1

Remedy

http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-3858-1

Frequently Asked Questions

What is CVE-2018-20102?
CVE-2018-20102 is an out-of-bounds read vulnerability discovered in HAProxy through version 1.8.14.
How severe is CVE-2018-20102?
CVE-2018-20102 has a severity score of 7.5, which is considered high.
Which software is affected by CVE-2018-20102?
The affected software includes HAProxy versions 1.8.14 to 1.8.19, 2.2.9, 2.6.12, and 2.6.15.
How can I fix CVE-2018-20102?
To fix CVE-2018-20102, update HAProxy to version 1.8.19-1+deb10u3, 1.8.19-1+deb10u4, 2.2.9-2+deb11u5, 2.6.12-1, or 2.6.15-1.
Where can I find more information about CVE-2018-20102?
You can find more information about CVE-2018-20102 in the references provided: http://git.haproxy.org/?p=haproxy.git;a=commit;h=efbbdf72992cd20458259962346044cafd9331c0, http://www.securityfocus.com/bid/106223, https://access.redhat.com/errata/RHBA-2019:0326

collector/nvd-index
agent/type
agent/author
collector/launchpad-cve
source/Launchpad
agent/last-modified-date
agent/first-publish-date
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
agent/severity
agent/remedy
agent/references
agent/weakness
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2018-20102
agent/description
agent/tags
agent/event
collector/security-tracker-debian
source/Debian
agent/softwarecombine
collector/usn-cve
source/Ubuntu
vendor/haproxy
canonical/haproxy haproxy
version/haproxy haproxy/1.8.14
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/16.04
version/canonical ubuntu linux/18.04
version/canonical ubuntu linux/18.10
vendor/redhat
canonical/redhat openshift container platform
version/redhat openshift container platform/3.11
package-manager/redhat
package-manager/debian
package-manager/ubuntu