Unrated severityNVD Advisory· Published Dec 12, 2018· Updated Aug 5, 2024
CVE-2018-20103
CVE-2018-20103
Description
An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/haproxy&distro=openSUSE%20Tumbleweedpkg:rpm/suse/haproxy&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015
< 2.4.4+git0.acb1d0bea-1.2+ 1 more
- (no CPE)range: < 2.4.4+git0.acb1d0bea-1.2
- (no CPE)range: < 1.8.15~git0.6b6a350a-3.6.2
Patches
Vulnerability mechanics
References
7- access.redhat.com/errata/RHBA-2019:0326mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHBA-2019:0327mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2019:1436mitrevendor-advisoryx_refsource_REDHAT
- usn.ubuntu.com/3858-1/mitrevendor-advisoryx_refsource_UBUNTU
- git.haproxy.orgmitrex_refsource_MISC
- www.securityfocus.com/bid/106280mitrevdb-entryx_refsource_BID
- lists.debian.org/debian-lts-announce/2022/05/msg00045.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.