Your submission was sent successfully! Close

CVE-2020-15112

Published: 5 August 2020

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
etcd
Launchpad, Ubuntu, Debian
bionic Needed

focal
Released (3.2.26+dfsg-6ubuntu0.1)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Ignored
(reached end-of-life)
jammy Needed

kinetic Needed

precise Does not exist

trusty Does not exist

upstream
Released (3.3.23, 3.4.10)
xenial Ignored
(end of standard support, was needed)
Patches:
upstream: https://github.com/etcd-io/etcd/pull/12638/commits/b14255c0b4d1a27221d1857ae0e72bcac7f2b146 (3.3.23)