Описание
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
A flaw was found in httpd, where it incorrectly limits the value of the LimitXMLRequestBody option. This issue can lead to an integer overflow and later causes an out-of-bounds write.
Отчет
The default configuration of the LimitXMLRequestBody option on RHEL is 1MB and therefore is not vulnerable to this flaw. Also, this issue is known to only affect 32bit httpd builds.
Меры по смягчению последствий
Set the LimitXMLRequestBody option to a value smaller than 350MB. Setting it to 0 is not recommended as it will use a hard limit (depending on 32bit or 64bit systems) which may result in an overall system out-of-memory. The default configuration is not vulnerable to this flaw, see the statement above.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | httpd | Out of support scope | ||
| Red Hat Enterprise Linux 7 | httpd | Out of support scope | ||
| Red Hat JBoss Enterprise Application Platform 6 | httpd | Out of support scope | ||
| JBoss Core Services for RHEL 8 | jbcs-httpd24-httpd | Fixed | RHSA-2022:8840 | 08.12.2022 |
| JBoss Core Services on RHEL 7 | jbcs-httpd24-httpd | Fixed | RHSA-2022:8840 | 08.12.2022 |
| Red Hat Enterprise Linux 8 | httpd | Fixed | RHSA-2022:7647 | 08.11.2022 |
| Red Hat Enterprise Linux 9 | httpd | Fixed | RHSA-2022:8067 | 15.11.2022 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | httpd24-httpd | Fixed | RHSA-2022:6753 | 29.09.2022 |
| Text-Only JBCS | jbcs-httpd24-httpd | Fixed | RHSA-2022:8841 | 08.12.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
If LimitXMLRequestBody is set to allow request bodies larger than 350M ...
If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.
EPSS
7.4 High
CVSS3