Squid HTTP Response Header Size DoS via Cached Header Overrun
CVE-2023-5824 Published on November 3, 2023

Squid: dos against http and https
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-5824 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Timeline

2023-10-24

Reported to Red Hat.

2023-10-19

Made public.

Weakness Type

Improper Handling of Exceptional Conditions

The software does not handle or incorrectly handles an exceptional condition.

Products Associated with CVE-2023-5824

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-5824 are published in these products:

Squid Cache Squid

Red Hat Enterprise Linux (RHEL)

Canonical Ubuntu Linux

Red Hat Rhel E4s

Red Hat Rhel Tus

Red Hat Rhel Aus

Red Hat Rhel Eus

Affected Versions

Red Hat Enterprise Linux 8:

Version 8090020231130092412.a75119d5 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Advanced Update Support:

Version 8020020240122164331.4cda2c84 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Telecommunications Update Service:

Version 8020020240122164331.4cda2c84 and below * is unaffected.

Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions:

Version 8020020240122164331.4cda2c84 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support:

Version 8040020240122165847.522a0ee4 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Telecommunications Update Service:

Version 8040020240122165847.522a0ee4 and below * is unaffected.

Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions:

Version 8040020240122165847.522a0ee4 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Extended Update Support:

Version 8060020231222131040.ad008a3a and below * is unaffected.

Red Hat Enterprise Linux 8.8 Extended Update Support:

Version 8080020231222130009.63b34585 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 7:5.5-6.el9_3.2 and below * is unaffected.

Red Hat Enterprise Linux 9.0 Extended Update Support:

Version 7:5.2-1.el9_0.4 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Extended Update Support:

Version 7:5.5-5.el9_2.3 and below * is unaffected.

Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7:

Exploit Probability

EPSS

1.88%

Percentile

82.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Squid HTTP Response Header Size DoS via Cached Header OverrunCVE-2023-5824 Published on November 3, 2023

Vulnerability Analysis

Timeline

Weakness Type

Improper Handling of Exceptional Conditions

Products Associated with CVE-2023-5824

Affected Versions

Exploit Probability

Squid HTTP Response Header Size DoS via Cached Header Overrun
CVE-2023-5824 Published on November 3, 2023