CVE-2020-1738
Denial of Service vulnerability in ansible (PyPI)
What is CVE-2020-1738 About?
This vulnerability concerns Fiber crashes in BodyParser due to an unvalidated large slice index in the Decoder in `github.com/gofiber/fiber`. Sending specially crafted input can trigger a crash, leading to a denial of service. The ease of exploitation is likely moderate, requiring knowledge of the internal data handling.
Affected Software
- ansible
  - >2.8.0a1, <=2.8.10
  - >2.9.0a1, <=2.9.6
  - <=2.7.16
  - <2.7.17
Technical Details
The vulnerability manifests as a crash in the BodyParser component of the github.com/gofiber/fiber framework. The root cause is an unvalidated large slice index within the Decoder. When processing input, if an attacker provides data that leads the BodyParser to attempt to access a slice index that is excessively large or outside the bounds of an allocated memory region, it triggers a crash. This heap buffer overflow or similar memory access violation leads to the termination of the Fiber application, resulting in a denial of service condition.
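The bug class described above, shown as an added example that is neither Fiber's decoder code nor part of the original advisory: a hypothetical form decoder takes a slice index from a key such as `items[N]`, first using it directly and then validating it before any slice access. The names `parseIndexedKey`, `setUnchecked` and `setChecked`, and the `maxIndex` limit, are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strconv"
	"strings"
)

const maxIndex = 1000 // assumed policy limit, not a value taken from Fiber
var errIndexRange = errors.New("slice index outside allowed range")

// parseIndexedKey splits a form key such as "items[3]" into ("items", 3).
func parseIndexedKey(key string) (string, int, error) {
	open := strings.IndexByte(key, '[')
	if open < 1 || !strings.HasSuffix(key, "]") {
		return "", 0, errors.New("not an indexed key")
	}
	idx, err := strconv.Atoi(key[open+1 : len(key)-1])
	return key[:open], idx, err
}

// setUnchecked uses the request-supplied index directly; recover() only lets the demo report the panic.
func setUnchecked(dst []string, idx int, val string) (err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("decoder panicked: %v", r)
		}
	}()
	dst[idx] = val
	return nil
}

// setChecked rejects the index before any allocation or slice access.
func setChecked(dst []string, idx int, val string) ([]string, error) {
	if idx < 0 || idx > maxIndex {
		return dst, errIndexRange
	}
	if idx >= len(dst) {
		dst = append(dst, make([]string, idx+1-len(dst))...)
	}
	dst[idx] = val
	return dst, nil
}

func main() {
	_, idx, _ := parseIndexedKey("items[2000000]") // constructed sample key
	_, err := setChecked(make([]string, 4), idx, "x")
	fmt.Println(setUnchecked(make([]string, 4), idx, "x"), "|", err)
}
```

Without the `recover()` wrapper, the out-of-range write in `setUnchecked` is an unhandled runtime panic that terminates the process, which is the denial-of-service condition the advisory describes.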
What is the Impact of CVE-2020-1738?
Successful exploitation may allow attackers to cause an application crash, leading to a denial of service and unavailability of the service.
What is the Exploitability of CVE-2020-1738?
Exploitation of this denial of service vulnerability would likely be of moderate complexity. It involves crafting specific input that, when processed by Fiber's BodyParser, causes an out-of-bounds access due to an unvalidated large slice index in the decoder. This would typically be a remote exploitation scenario, requiring no authentication or specific privileges beyond the ability to send requests to the Fiber application's exposed endpoints. The special condition is tailoring the input to trigger the precise memory access error. Risk factors include applications that accept and parse large or malformed body content without robust input validation, especially in performance-critical sections of the BodyParser.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for CVE-2020-1738?
Available Upgrade Options
- ansible
  - <2.7.17 → Upgrade to 2.7.17
Additional Resources
- https://github.com/ansible/ansible/issues/67796
- https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-10.yaml
- https://security.gentoo.org/glsa/202006-11
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1738
- https://github.com/ansible/ansible/pull/67808
- https://nvd.nist.gov/vuln/detail/CVE-2020-1738
What are Similar Vulnerabilities to CVE-2020-1738?
Similar Vulnerabilities: CVE-2023-45287, CVE-2023-45288, CVE-2023-44487, CVE-2022-2900, CVE-2020-28498
