CVE-2023-46847: 
Squid vulnerability analysis and mitigation

CVE-2023-46847 is a critical vulnerability in Squid, discovered in October 2023, affecting versions 3.2.0.1 through 5.9, and 6.0 through 6.3. The vulnerability exists in Squid's HTTP Digest Authentication functionality, where a remote attacker can perform a buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication (GitHub Advisory).

The vulnerability is classified as a buffer overflow vulnerability (CWE-120) that occurs during HTTP Digest Authentication processing. The CVSS v3.1 base score is 7.5 (High) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H according to NVD, while Red Hat rates it at 8.6 (High) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H (NVD, Red Hat).

When successfully exploited, this vulnerability can lead to a Denial of Service (DoS) affecting all users of the Squid proxy. On systems with advanced memory protections, the buffer overflow attack can cause service disruption. The vulnerability allows writing up to 2 MB of arbitrary data to heap memory, potentially compromising system stability (GitHub Advisory).

The vulnerability has been fixed in Squid version 6.4. For earlier versions, patches are available for stable releases in the patch archives. As a workaround, administrators can disable HTTP Digest authentication until Squid can be upgraded or patched. Various Linux distributions have released security updates to address this vulnerability, including Red Hat Enterprise Linux, Debian, and others (GitHub Advisory, Red Hat Advisory).