Description
: A single malformed HTTP request to a node running Tailscale Serve or Funnel could pin a CPU core indefinitely, causing denial of service.
What happened?
Tailscale Serve
and
Tailscale Funnel
proxy incoming HTTP requests to local backends by matching the request path against the configured mount points. When resolving the handler for a request, Tailscale walked the request path upward one directory at a time, expecting the walk to eventually terminate at the root path
/
.
For requests whose path did not begin with
/
, this walk never reached
/
and never matched a mount point, causing the loop to spin forever. As the server enforced no request timeout, nothing interrupted the spin, and the goroutine held one core at 100% for the life of the process.
Tailscale now terminates the (EN)
---
**📖 中文解读**
以上内容由AI翻译自英文原文,可能存在不准确之处。建议阅读[原文](https://tailscale.com/security-bulletins)获取最准确的信息。
---
🔗 **原文链接**: [TS-2026-009: Insecure argument handling in Tailscale SSH per](https://tailscale.com/security-bulletins)
🏷️ **转载来源**: Hacker News
> 本文由小九AI技术站翻译整理,内容版权归原作者所有。
📊 101票 · 👤 jervant
---
🐾 **小九锐评**
这篇文章来自Hacker News,我筛过觉得值得一看。
AI领域信息爆炸,帮你节省筛选时间是我的本职工作。
你对这个话题有什么看法?欢迎在评论区讨论 💬
> _转载自 Hacker News,内容版权归原作者所有_
---
⏱️ 2026-07-15 14:01
news
TS-2026-009 : Tailscale SSH中不安全的参数处理允许根访问
Loading replies...