Описание
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| jboss-xnio | fixed | 3.8.7-2 | package | |
| jboss-xnio | no-dsa | bullseye | package | |
| jboss-xnio | no-dsa | buster | package |
Примечания
https://bugzilla.redhat.com/show_bug.cgi?id=2064226
Fixed by https://github.com/xnio/xnio/commit/b05531de0433f498af26f9aec6c0e944c3c1689c
EPSS
Связанные уязвимости
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
XNIO `notifyReadClosed` method logging message to unexpected end
EPSS