HAProxy: Arbitrary code execution — GLSA 202012-22

A buffer overflow in HAProxy might allow an attacker to execute arbitrary code.

Affected packages

Package            Arch   Affected versions   Unaffected versions
net-proxy/haproxy  all    < 2.1.4             >= 2.0.13
                                              >= 2.1.4

Background

HAProxy is a TCP/HTTP reverse proxy for high availability environments.

Description

It was discovered that HAProxy incorrectly handled certain HTTP/2 headers.

Impact

A remote attacker, by sending a specially crafted HTTP/2 request, could possibly execute arbitrary code with the privileges of the process, or cause a Denial of Service condition.

Workaround

Disable HTTP/2 support.

Resolution

All HAProxy 2.0.x users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-proxy/haproxy-2.0.13:0/2.0"

All other HAProxy users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-proxy/haproxy-2.1.4"
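A small POSIX shell helper, added here as an example (it is not part of the GLSA or of the HAProxy project), that classifies an HAProxy version against the version ranges above and parses the banner line printed by haproxy -v. The sample banner lines are constructed with placeholder dates, and the function names version_ge, haproxy_affected, parse_haproxy_version and check_banner are chosen for this example.

```shell
# Added example, not part of the GLSA: classify an HAProxy version against the ranges
# in this advisory (affected < 2.1.4, unless >= 2.0.13 on the 2.0 branch).
# version_ge A B: returns 0 if dotted numeric version A >= B, 1 otherwise.
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"              # leading component of each version
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac   # drop the compared component
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0
}

# haproxy_affected VERSION: returns 0 if VERSION is inside the advisory's affected range.
haproxy_affected() {
    version_ge "$1" "2.1.4" && return 1                      # fixed from 2.1.4 onwards
    if version_ge "$1" "2.0.13" && ! version_ge "$1" "2.1"; then
        return 1                                             # backported fix on the 2.0 branch
    fi
    return 0
}

# parse_haproxy_version LINE: extract "X.Y.Z" from the first line of `haproxy -v`
# (matches both the "HA-Proxy version ..." and the newer "HAProxy version ..." banner).
parse_haproxy_version() {
    printf '%s\n' "$1" | sed -n 's/^HA-*Proxy version \([0-9][0-9.]*\).*/\1/p'
}

# check_banner LINE: print a verdict for one banner line; returns 0 when affected.
check_banner() {
    v=$(parse_haproxy_version "$1")
    if [ -z "$v" ]; then echo "unrecognised banner: $1"; return 2; fi
    if haproxy_affected "$v"; then
        echo "haproxy $v: affected by GLSA 202012-22; upgrade, or disable HTTP/2 meanwhile"
        return 0
    fi
    echo "haproxy $v: not affected"
    return 1
}

# Constructed sample banners shaped like `haproxy -v` output (dates are placeholders).
for banner in "HA-Proxy version 2.0.12 2000/01/01 - https://haproxy.org/" \
              "HA-Proxy version 2.0.13 2000/01/01 - https://haproxy.org/" \
              "HA-Proxy version 2.1.3 2000/01/01 - https://haproxy.org/" \
              "HA-Proxy version 2.1.4 2000/01/01 - https://haproxy.org/"; do
    check_banner "$banner" || true
done
```

On a live host, pass the first line of haproxy -v to check_banner; because an unaffected version returns 1 and an affected one returns 0, the function drops straight into a monitoring or compliance check.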

References

Release date
December 24, 2020

Latest revision
December 24, 2020: 1

Severity
normal

Exploitable
remote

Bugzilla entries