Skip to content

[AUTO-CHERRYPICK] [CRITICAL] Patch etcd for CVE-2026-39821 - branch 3.0-dev #17564

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jslobodzian merged 4 commits into from
May 30, 2026
Merged

[AUTO-CHERRYPICK] [CRITICAL] Patch etcd for CVE-2026-39821 - branch 3.0-dev #17564

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e921471
[CRITICAL] Patch etcd for CVE-2026-39821 (#17529)
akhila-guruju May 30, 2026
ae940ac
Update etcd.spec
jslobodzian May 30, 2026
2371508
Fix remaining conflict markers in %build section
jslobodzian May 30, 2026
ee0ddb5
Fix CRLF line endings introduced by previous commit
jslobodzian May 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 42 additions & 0 deletions SPECS/etcd/CVE-2026-33814.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
From 7e9e82f8c3033974b16d93835521f6e133a7c9aa Mon Sep 17 00:00:00 2001
From: AllSpark <allspark@microsoft.com>
Date: Thu, 14 May 2026 09:00:37 +0000
Subject: [PATCH] http2: prevent hanging Transport due to bad SETTINGS frame

This CL backports https://go.dev/cl/761581 to x/net.

Fixes golang/go#78476
Fixes CVE-2026-33814

Upstream-reference: https://github.com/golang/net/commit/1e71bd86e4a302b4e731bc06da6eb51679c7bd49.patch
---
vendor/golang.org/x/net/http2/transport.go | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index 8cf64b7..3b514a3 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -2865,6 +2865,9 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error {

var seenMaxConcurrentStreams bool
err := f.ForeachSetting(func(s Setting) error {
+ if err := s.Valid(); err != nil {
+ return err
+ }
switch s.ID {
case SettingMaxFrameSize:
cc.maxFrameSize = s.Val
@@ -2896,9 +2899,6 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error {
cc.henc.SetMaxDynamicTableSize(s.Val)
cc.peerMaxHeaderTableSize = s.Val
case SettingEnableConnectProtocol:
- if err := s.Valid(); err != nil {
- return err
- }
// If the peer wants to send us SETTINGS_ENABLE_CONNECT_PROTOCOL,
// we require that it do so in the first SETTINGS frame.
//
--
2.45.4

Loading
Loading