Improper Input Validation in etcd
CVE-2020-15106

6.5MEDIUM

Key Information:

Vendor: Etcd-io
Status: Etcd
Vendor: CVE Published:; 5 August 2020

What is CVE-2020-15106?

In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.

Affected Version(s)

etcd < 3.3.23 < 3.3.23

etcd < 3.4.10 < 3.4.10

References

https://github.com/etcd-io/etcd/security/advisories/GHSA-...

x_refsource_CONFIRM

https://lists.fedoraproject.org/archives/list/package-ann...

vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2020
Vulnerability Reserved
Jun 25, 2020

CVE-2020-15106 Data

JSON

Etcd-io

What is CVE-2020-15106?

Affected Version(s)

References

CVSS V3.1

Timeline