This vulnerability may allow request smuggling attacks, potentially resulting in an unspecified system caching incorrect content. The bug is an error in how a chunked message body is parsed. The RFC specifies that only the CRLF sequence ends a line: https://www.rfc-editor.org/rfc/rfc9112.html#name-chunked-transfer-coding However, Varnish has until now mistakenly treated whitespace as a line ending as well. This allows a client to construct an HTTP/1 request that smuggles another malicious request in the body of the first request. When this is used against an endpoint that blindly forwards HTTP requests, the client can abuse this behavior of Varnish.
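The strict framing rule described above, as an added example that is not Varnish code: a chunked-body decoder that accepts only CRLF line endings and a pure hex chunk-size, and reports how many bytes the body occupies so the start of the next request is unambiguous. The names used here (decode_chunked_strict, accepts, ChunkFramingError) and the sample bytes are constructed for illustration.

```python
import re

HEX_SIZE = re.compile(rb"[0-9A-Fa-f]+")  # chunk-size = 1*HEXDIG, nothing else

class ChunkFramingError(ValueError):
    """The body deviates from RFC 9112 chunked framing."""

def _read_line(buf: bytes, pos: int) -> tuple[bytes, int]:
    """Return the line starting at pos and the offset just past its CRLF."""
    end = buf.find(b"\r\n", pos)
    if end < 0:
        raise ChunkFramingError("line is not terminated by CRLF")
    line = buf[pos:end]
    if b"\r" in line or b"\n" in line:
        raise ChunkFramingError("bare CR or LF inside a line")
    return line, end + 2

def decode_chunked_strict(buf: bytes) -> tuple[bytes, int]:
    """Decode one chunked body; return (payload, bytes consumed)."""
    body, pos = bytearray(), 0
    while True:
        line, pos = _read_line(buf, pos)
        size_field, sep, _ext = line.partition(b";")
        if sep:  # whitespace is only tolerated in front of a chunk extension
            size_field = size_field.rstrip(b" \t")
        # int(x, 16) on its own would also accept " 5", "+5", "0x5" and "5_0"
        if not HEX_SIZE.fullmatch(size_field):
            raise ChunkFramingError(f"invalid chunk-size line {line!r}")
        size = int(size_field, 16)
        if size == 0:
            break
        if buf[pos + size:pos + size + 2] != b"\r\n":
            raise ChunkFramingError("chunk data is not followed by CRLF")
        body += buf[pos:pos + size]
        pos += size + 2
    while True:  # trailer section, closed by an empty line
        line, pos = _read_line(buf, pos)
        if not line:
            return bytes(body), pos

def accepts(buf: bytes) -> bool:
    """True if buf starts with a strictly framed chunked body."""
    try:
        decode_chunked_strict(buf)
        return True
    except ChunkFramingError:
        return False

# Constructed sample: two chunks, one with an extension, then unrelated bytes.
GOOD = b"5\r\nhello\r\n6;note=1\r\n world\r\n0\r\n\r\nNEXT"
```

Rejecting the message outright, rather than guessing where a malformed line ends, keeps this decoder and any other strict parser on the path in agreement about where the body stops.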
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2025:8294 https://access.redhat.com/errata/RHSA-2025:8294

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:8310 https://access.redhat.com/errata/RHSA-2025:8310

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:8339 https://access.redhat.com/errata/RHSA-2025:8339

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2025:8340 https://access.redhat.com/errata/RHSA-2025:8340

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2025:8337 https://access.redhat.com/errata/RHSA-2025:8337

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:8350 https://access.redhat.com/errata/RHSA-2025:8350

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.4 Extended Update Support

Via RHSA-2025:8349 https://access.redhat.com/errata/RHSA-2025:8349

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2025:8351 https://access.redhat.com/errata/RHSA-2025:8351

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2025:8336 https://access.redhat.com/errata/RHSA-2025:8336

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 10

Via RHSA-2025:8550 https://access.redhat.com/errata/RHSA-2025:8550