Skip to content
tailscale.com·

🚨Tailscale Flaws Let Attackers Pin CPU Cores and Bypass ACLs

Attackers can now pin your Tailscale node's CPU cores

TL;DR

A new vulnerability in Tailscale lets attackers send a malformed HTTP request to permanently consume one CPU core on the target node. Upgrading to version 1.98.9 fixes this issue, along with several other security flaws.

Tailscale just exposed a critical flaw that allows attackers to pin a CPU core indefinitely by sending a single malformed HTTP request. The server doesn't enforce timeouts for these requests, causing an infinite loop and consuming one CPU core. This affects all nodes running Tailscale Serve or Funnel on versions prior to 1.98.9. Upgrading to the latest version is crucial as it fixes this issue along with several other security vulnerabilities, including ACL bypasses in SSH and Unix socket forwarding.

Tailscale Flaws Let Attackers Pin CPU Cores and Bypass ACLs — tailscale.com

Key Points

1

A single malformed HTTP request can permanently consume one CPU core on affected nodes (CVE-2023-4756).

2

Tailscale Serve and Funnel versions prior to 1.98.9 are vulnerable, but upgrading fixes the issue.

3

Insecure command line argument handling in Tailscale SSH permitted root user access via usernames starting with -i (CVE-2023-4758).

4

Insufficient inbound packet filtering allowed access to loopback-bound listeners on non-advertised ports (CVE-2023-4761).

5

Tailscale SSH Unix socket forwarding did not respect symlink permissions, allowing privileged socket access (CVE-2023-4765)

Why It Matters

If you're running Tailscale Serve or Funnel on versions prior to 1.98.9, your nodes are at risk of having their CPU cores pinned by attackers. Upgrading to the latest version is crucial as it fixes this and several other security vulnerabilities that could lead to ACL bypasses and root access.

TailscalevulnerabilityCVE-2023-4756CPU core pinningACL bypass

Frequently Asked Questions

Why does this matter?

If you're running Tailscale Serve or Funnel on versions prior to 1.98.9, your nodes are at risk of having their CPU cores pinned by attackers. Upgrading to the latest version is crucial as it fixes this and several other security vulnerabilities that could lead to ACL bypasses and root access.

What happened?

A new vulnerability in Tailscale lets attackers send a malformed HTTP request to permanently consume one CPU core on the target node. Upgrading to version 1.98.9 fixes this issue, along with several other security flaws.

Comments

Subscribe to join the conversation...

Be the first to comment

Enjoyed this article?

Get it daily. 7am. Free. Reads in 5 minutes.

Join 2,074 builders reading daily.

Also get