Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
Name | Vendor | Start Version | End Version |
---|---|---|---|
Red Hat Enterprise Linux 8 | RedHat | squid:4-8090020231130092412.a75119d5 | * |
Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | squid:4-8020020240122164331.4cda2c84 | * |
Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | squid:4-8020020240122164331.4cda2c84 | * |
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | squid:4-8020020240122164331.4cda2c84 | * |
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | squid:4-8040020240122165847.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | squid:4-8040020240122165847.522a0ee4 | * |
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | squid:4-8040020240122165847.522a0ee4 | * |
Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | squid:4-8060020231222131040.ad008a3a | * |
Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | squid:4-8080020231222130009.63b34585 | * |
Red Hat Enterprise Linux 9 | RedHat | squid-7:5.5-6.el9_3.2 | * |
Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | squid-7:5.2-1.el9_0.4 | * |
Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | squid-7:5.5-5.el9_2.3 | * |
Squid | Ubuntu | focal | * |
Squid | Ubuntu | jammy | * |
Squid | Ubuntu | upstream | * |