CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
36.3%
Data Validation
The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.
Find out more on this vulnerability in the security audit report
If you have any questions or comments about this advisory:
github.com/etcd-io/etcd
github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf
github.com/etcd-io/etcd/commit/4571e528f49625d3de3170f219a45c3b3d38c675
github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07
github.com/etcd-io/etcd/pull/11793
github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2
lists.fedoraproject.org/archives/list/[email protected]/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP
nvd.nist.gov/vuln/detail/CVE-2020-15106
pkg.go.dev/vuln/GO-2020-0005
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
36.3%