CVE-2017-12425
Summary
| CVE | CVE-2017-12425 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-08-04 09:29:00 UTC |
| Updated | 2025-04-20 01:37:25 UTC |
| Description | An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, 4.1.0 through 4.1.7, 5.0.0, and 5.1.0 through 5.1.2. A wrong if statement in the varnishd source code means that particular invalid requests from the client can trigger an assert, related to an Integer Overflow. This causes the varnishd worker process to abort and restart, losing the cached contents in the process. An attacker can therefore crash the varnishd worker process on demand and effectively keep it from serving content - a Denial-of-Service attack. The specific source-code filename containing the incorrect statement varies across releases. |
Risk And Classification
Primary CVSS: v3.0 7.5 HIGH from [email protected]
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Problem Types: CWE-190 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 2.0 | [email protected] | Primary | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P |
CVSS v3.0 Breakdown
Attack Vector
NetworkAttack Complexity
LowPrivileges Required
NoneUser Interaction
NoneScope
UnchangedConfidentiality
NoneIntegrity
NoneAvailability
HighCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
PartialAV:N/AC:L/Au:N/C:N/I:N/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Varnish-cache | Varnish | 4.0.2 | rc-1 | All | All |
| Application | Varnish-cache | Varnish | 4.0.3 | rc-1 | All | All |
| Application | Varnish-cache | Varnish | 4.0.3 | rc-2 | All | All |
| Application | Varnish-cache | Varnish | 4.0.3 | rc-2-proper | All | All |
| Application | Varnish-cache | Varnish | 4.0.3 | rc-3 | All | All |
| Application | Varnish-cache | Varnish | 4.1.0 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.0 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.0 | technology_preview1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.1 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.1 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.1 | beta2 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.2 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.2 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.2 | beta2 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.3 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.3 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.3 | beta2 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.4 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.4 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.4 | beta2 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.4 | beta3 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.5 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.5 | beta1 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.5 | beta2 | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.6 | All | All | All |
| Application | Varnish-software | Varnish Cache | 4.1.7 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 4.0.1 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 4.0.2 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 4.0.3 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 4.0.4 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 5.0.0 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 5.1.0 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 5.1.1 | All | All | All |
| Application | Varnish Cache Project | Varnish Cache | 5.1.2 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Debian -- Security Information -- DSA-3924-1 varnish | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| 1477222 – (CVE-2017-12425) CVE-2017-12425 varnish: Missing check for integer overflow when handling chunk sizes in HTTP requests | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.redhat.com | Issue Tracking, Third Party Advisory |
| Bogusly large chunk sizes may cause assert · Issue #2379 · varnishcache/varnish-cache · GitHub | af854a3a-2127-422b-91ae-364da2661108 | github.com | Third Party Advisory |
| VSV00001 DoS vulnerability — Varnish HTTP Cache | af854a3a-2127-422b-91ae-364da2661108 | www.varnish-cache.org | Vendor Advisory |
| Bug 1051917 – VUL-0: varnish: DoS through reachable assert | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.suse.com | Issue Tracking, Third Party Advisory |
| [SECURITY] [DSA 3924-1] varnish security update | af854a3a-2127-422b-91ae-364da2661108 | lists.debian.org | Mailing List, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.