CVE-2019-20637: 
Alibaba Cloud Linux (Aliyun Linux) vulnerability analysis and mitigation

CVE-2019-20637 affects Varnish Cache versions before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. The vulnerability was discovered on October 21, 2019, and involves a pointer handling issue between client requests (Varnish Security).

The vulnerability occurs when Varnish Cache fails to clear a pointer between handling one client request and the next request within the same connection. This issue specifically manifests when Varnish switches to synthetic handling due to an internal error to generate an error response to the client request. The vulnerability can be triggered in several scenarios: reaching max_restarts, backend fetch failures with invalid HTTP headers, or attempting to switch VCL labels after a restart (Varnish Security).

The vulnerability can lead to information disclosure from the connection workspace, potentially exposing data structures and stale header data from previous requests on the same connection, as well as temporary headers set during VCL processing. The leaked data appears in the resp.reason variable on entering vcl_synth and may appear in the response field of the HTTP response (Varnish Security).

The issue has been fixed in Varnish Cache versions 6.3.1, 6.2.2, and 6.0.5 LTS. A VCL-based mitigation is also possible by overriding the resp.reason field in the vcl_synth function using the command 'set resp.status = resp.status' (Varnish Security, Ubuntu Security).