5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-41881

GHSA ID

GHSA-fx2c-96vj-985v

EPSS Score

0.23678%

CWE

CWE-674

Published

12/12/2022

Updated

1/29/2023

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-41881

CVE-2022-41881: HAProxyMessageDecoder Stack Exhaustion DoS

Impact

A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion.

Patches

Users should upgrade to 4.1.86.Final.

Workarounds

There is no workaround, except using a custom HaProxyMessageDecoder.

References

When parsing a TLV with type = PP2_TYPE_SSL, the value can be again a TLV with type = PP2_TYPE_SSL and so on. The only limitation of the recursion is that the TLV length cannot be bigger than 0xffff because it is encoded in an unsigned short type. Providing a TLV with a nesting level that is large enough will lead to raising of a StackOverflowError. The StackOverflowError will be caught if HAProxyMessageDecoder is used as part of Netty’s ChannelPipeline, but using it directly without the ChannelPipeline will lead to a thrown exception / crash.

For more information

If you have any questions or comments about this advisory:

Open an issue in netty

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2022-41881

CVE-2022-41881:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-41881

GHSA ID

GHSA-fx2c-96vj-985v

EPSS Score

0.23678%

CWE

CWE-674

Published

12/12/2022

Updated

1/29/2023

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
io.netty:netty-codec-haproxy	maven	< 4.1.86.Final	4.1.86.Final

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from uncontrolled recursion when parsing PP2_TYPE_SSL TLVs. The description explicitly states that nested SSL TLVs can be infinitely chained within each other, limited only by the 0xffff length constraint. The decodeTlvs function (or equivalent TLV parsing logic) in HAProxyMessageDecoder would be responsible for recursively processing these TLVs. Since there's no mention of recursion depth checks in the advisory, and the CWE is specifically about uncontrolled recursion, this function's handling of SSL TLV nesting constitutes the vulnerable path.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2022-41881: HAProxyMessageDecoder Stack Exhaustion DoS

Impact

Patches

Workarounds

References

For more information

CVE-2022-41881:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2022-41881: HAProxyMessageDecoder Stack Exhaustion DoS

Impact

Patches

Workarounds

References

For more information

Technical Details

5.3

5.3

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI