Vulnerability Description
An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack. The specific source-code filename containing the incorrect statement varies across releases.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Varnish-Cache | Varnish | 4.0.2 |
| Varnish Cache Project | Varnish Cache | 4.0.1 |
| Varnish-Software | Varnish Cache | 4.1.0 |
Related Weaknesses (CWE)
References
- http://www.debian.org/security/2017/dsa-3924
- https://bugzilla.redhat.com/show_bug.cgi?id=1477222Issue TrackingThird Party Advisory
- https://bugzilla.suse.com/show_bug.cgi?id=1051917Issue TrackingThird Party Advisory
- https://github.com/varnishcache/varnish-cache/issues/2379Third Party Advisory
- https://lists.debian.org/debian-security-announce/2017/msg00186.htmlMailing ListThird Party Advisory
- https://www.varnish-cache.org/security/VSV00001.html#vsv00001Vendor Advisory
- http://www.debian.org/security/2017/dsa-3924
- https://bugzilla.redhat.com/show_bug.cgi?id=1477222Issue TrackingThird Party Advisory
- https://bugzilla.suse.com/show_bug.cgi?id=1051917Issue TrackingThird Party Advisory
- https://github.com/varnishcache/varnish-cache/issues/2379Third Party Advisory
- https://lists.debian.org/debian-security-announce/2017/msg00186.htmlMailing ListThird Party Advisory
- https://www.varnish-cache.org/security/VSV00001.html#vsv00001Vendor Advisory
FAQ
What is CVE-2017-12425?
CVE-2017-12425 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid r...
How severe is CVE-2017-12425?
CVE-2017-12425 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12425?
Check the references section above for vendor advisories and patch information. Affected products include: Varnish-Cache Varnish, Varnish Cache Project Varnish Cache, Varnish-Software Varnish Cache.