CVE-2024-23638: 
Squid vulnerability analysis and mitigation

CVE-2024-23638 affects Squid, a high-performance proxy caching server, prior to version 6.6. The vulnerability was discovered by Joshua Rogers of Opera Software and was disclosed in January 2024. The issue affects Squid versions 5.0.5 through 5.9 and all 6.x versions up to 6.5, with older versions assumed to be vulnerable (GITHUB-ADVISORY).

The vulnerability stems from an expired pointer reference bug in Squid's Cache Manager error response handling. The issue occurs when generating error pages for Client Manager reports, specifically affecting trusted clients. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with a vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (GITHUB-ADVISORY, NETAPP-ADVISORY).

When successfully exploited, this vulnerability can lead to a Denial of Service (DoS) condition against the Squid proxy server. The impact is limited to availability, with no effect on confidentiality or integrity of the system (NETAPP-ADVISORY).

A workaround is available by preventing access to Cache Manager using Squid's main access control with the command: http_access deny manager. For permanent remediation, users should upgrade to Squid version 6.6 or apply the appropriate patch for their version. Patches are available in Squid's patch archives for both version 5 and 6 series (GITHUB-ADVISORY).