PT-2020-14196 · Coreos+3 · Etcd+3
Spzala · Published 2020-08-05 · Updated 2024-01-31 · CVE-2020-15114
CVSS v3.1: 7.7 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
etcd versions 3.3.0 through 3.3.22
etcd versions 3.4.0 through 3.4.9
Description
The etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway.
Recommendations
For etcd versions 3.3.0 through 3.3.22, update to version 3.3.23 or later.
For etcd versions 3.4.0 through 3.4.9, update to version 3.4.10 or later.
As a temporary workaround, consider restricting access to the etcd gateway to minimize the risk of exploitation.
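A pre-start check for the condition in the description, added here as an example (not code from etcd or from this advisory): it flags any entry in the list passed as `--endpoints` to `etcd gateway start` that points back at the gateway's own `--listen-addr`. The function names, the caller-supplied `localIPs` list and the sample addresses are assumptions; hostnames other than `localhost` are not resolved, and a wildcard listener is matched conservatively against loopback and every address in `localIPs`.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// parse splits "http://10.0.0.5:2379" or "localhost:23790"; unresolved hostnames give a nil IP.
func parse(addr string) (net.IP, string, error) {
	if i := strings.Index(addr, "://"); i >= 0 {
		addr = addr[i+3:]
	}
	host, port, err := net.SplitHostPort(strings.TrimSuffix(addr, "/"))
	if strings.EqualFold(host, "localhost") {
		host = "127.0.0.1" // assumption: localhost is IPv4 loopback
	}
	return net.ParseIP(host), port, err
}

// SelfEndpoints returns endpoints that loop back to the listener; localIPs = this host's addresses.
func SelfEndpoints(listen string, endpoints, localIPs []string) ([]string, error) {
	lip, lport, err := parse(listen)
	if err != nil {
		return nil, err
	}
	wildcard := lip == nil || lip.IsUnspecified() // ":23790", 0.0.0.0, [::]
	var bad []string
	for _, ep := range endpoints {
		ip, port, err := parse(ep)
		if err != nil {
			return nil, fmt.Errorf("endpoint %q: %w", ep, err)
		}
		match := ip != nil && port == lport && ip.Equal(lip)
		if wildcard && ip != nil && port == lport {
			match = ip.IsLoopback()
			for _, l := range localIPs {
				match = match || ip.Equal(net.ParseIP(l))
			}
		}
		if match {
			bad = append(bad, ep)
		}
	}
	return bad, nil
}

func main() { // constructed sample values, not from the advisory
	fmt.Println(SelfEndpoints("127.0.0.1:23790", []string{"10.0.0.11:2379", "localhost:23790"}, nil))
}
```

A non-empty result means the gateway would be configured to proxy to itself; refuse to start it until the listed endpoints are removed.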
Fix
DoS
Missing Release of Resource after Effective Lifetime
Resource Exhaustion
Affected Products
Alt Linux
Linuxmint
Ubuntu
Etcd