Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-1635

Опубликовано: 27 окт. 2023
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.

Отчет

This is rated as Important due to the fact that this might be an unauthenticated remote issue exploited by a malicious user, causing a denial of service (DoS) to the affected server.

Меры по смягчению последствий

No mitigation is currently available for this vulnerability. However, there might be some protections, such as request limits by a load balancer in front of JBoss EAP/Wildfly or even Undertow, that could minimize the impact.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
OpenShift ServerlessundertowNot affected
Red Hat build of Apache Camel 4 for Quarkus 3undertowNot affected
Red Hat build of Apache Camel for Spring Boot 3undertowNot affected
Red Hat build of Apache Camel for Spring Boot 4undertowAffected
Red Hat build of Apicurio Registry 2undertowNot affected
Red Hat Build of KeycloakundertowNot affected
Red Hat build of OptaPlanner 8undertowNot affected
Red Hat build of Quarkusio.quarkus/quarkus-undertowNot affected
Red Hat Data Grid 8undertowNot affected
Red Hat Integration Camel K 1undertowNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2264928undertow: Out-of-memory Error after several closed connections with wildfly-http-client protocol

EPSS

Процентиль: 92%
0.0833
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-1635

CVSS3: 7.5
ubuntu
почти 2 года назад

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree lea...

nvd логотип

CVE-2024-1635

CVSS3: 7.5
nvd
почти 2 года назад

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree le

debian логотип

CVE-2024-1635

CVSS3: 7.5
debian
почти 2 года назад

A vulnerability was found in Undertow. This vulnerability impacts a se ...

github логотип

GHSA-w6qf-42m7-vh68

CVSS3: 7.5
github
почти 2 года назад

Undertow Uncontrolled Resource Consumption Vulnerability

EPSS

Процентиль: 92%
0.0833
Низкий

7.5 High

CVSS3