Описание
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Application Platform 7 | jboss-remoting | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6.4 | jboss-remoting | Fixed | RHSA-2018:0269 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | hornetq | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | infinispan | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | ironjacamar-eap6 | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | jboss-as-appclient | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | jbossas-appclient | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | jbossas-bundles | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | jboss-as-cli | Fixed | RHSA-2018:0271 | 05.02.2018 |
| Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 | jboss-as-client-all | Fixed | RHSA-2018:0271 | 05.02.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
A vulnerability was found in the way RemoteMessageChannel, introduced ...
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
EPSS
4.3 Medium
CVSS3