Updated tinyproxy packages fix security vulnerabilities
Publication date: 10 Jan 2025Modification date: 10 Jan 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2022-40468 , CVE-2023-49606
Description
Potential leak of left-over heap data if custom error page templates
containing special non-standard variables are used. Tinyproxy commit
84f203f and earlier use uninitialized buffers in process_request()
function.. (CVE-2022-40468)
A use-after-free vulnerability exists in the HTTP Connection Headers
parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted
HTTP header can trigger reuse of previously freed memory, which leads to
memory corruption and could lead to remote code execution. An attacker
needs to make an unauthenticated HTTP request to trigger this
vulnerability. (CVE-2023-49606)
References
- https://bugs.mageia.org/show_bug.cgi?id=33206
- https://www.openwall.com/lists/oss-security/2024/05/07/1
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/OM62U7F2OTTTTR4PTM6RV3UAOCUHRC75/
- https://lwn.net/Articles/990818/
- https://ubuntu.com/security/notices/USN-7140-1
- https://ubuntu.com/security/notices/USN-7190-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40468
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49606
SRPMS
9/core
- tinyproxy-1.10.0-3.1.mga9