Keepalived HTTP Status Codes Parsing Heap-Based Buffer Overflow Vulnerability
A vulnerability in the extract_status_code() function of Keepalived could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to improper parsing of HTTP responses when the extract_status_code() function, as defined in the lib/html.c source code file of the affected software, does not validate HTTP status codes and writes a significant amount of content to heap memory. An attacker could exploit this vulnerability by sending a request that submits malicious input to a targeted system. A successful exploit could result in a heap-based overflow condition that the attacker could use to cause a DoS condition.
Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available.
Keepalived.org has confirmed the vulnerability and released software updates.
Security Impact Rating: High