Description
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
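The defensive check that the description implies, as an added example that is not undici's code: a WebSocket frame-header parser that reads the 64-bit extended length as a BigInt and rejects it (RFC 6455 requires the top bit to be zero and minimal encoding) before any Number arithmetic or allocation happens, so an oversized length produces a clean protocol error instead of an invalid parser state. The `maxPayload` limit and the sample frames are constructed for this example.

```javascript
// Added example, not part of undici. Parses a WebSocket frame header
// (RFC 6455 section 5.2) and validates the payload length up front.
const MAX_SAFE = BigInt(Number.MAX_SAFE_INTEGER);

function parseFrameHeader(buf, maxPayload = 1024 * 1024) {
  if (buf.length < 2) return { ok: false, reason: 'short' };
  const fin = (buf[0] & 0x80) !== 0;
  const opcode = buf[0] & 0x0f;
  const masked = (buf[1] & 0x80) !== 0;
  let len = buf[1] & 0x7f;
  let offset = 2;
  if (len === 126) {
    if (buf.length < 4) return { ok: false, reason: 'short' };
    len = buf.readUInt16BE(2);
    offset = 4;
    // 16-bit form is only allowed for lengths 126..65535
    if (len < 126) return { ok: false, reason: 'non-minimal length' };
  } else if (len === 127) {
    if (buf.length < 10) return { ok: false, reason: 'short' };
    // Read the 64-bit length as a BigInt: no Number math until validated
    const big = buf.readBigUInt64BE(2);
    offset = 10;
    // RFC 6455: most significant bit of the 64-bit length MUST be 0
    if (big >> 63n) return { ok: false, reason: 'msb set' };
    // Beyond 2^53-1 a JS Number can no longer represent the value exactly
    if (big > MAX_SAFE) return { ok: false, reason: 'unsafe length' };
    // 64-bit form is only allowed for lengths >= 65536
    if (big < 65536n) return { ok: false, reason: 'non-minimal length' };
    len = Number(big);
  }
  // Enforce the application's own message-size ceiling before allocating
  if (len > maxPayload) return { ok: false, reason: 'too large' };
  if (masked) offset += 4; // masking key follows the length
  return { ok: true, fin, opcode, masked, length: len, headerSize: offset };
}

// Constructed sample headers (no network involved)
const SAMPLES = {
  small: Buffer.from([0x81, 0x05]),                          // text, len 5
  big64: Buffer.from([0x82, 0x7f, 0, 0, 0, 0, 0, 0x01, 0x11, 0x70]), // len 70000
  twoTo53: Buffer.from([0x82, 0x7f, 0, 0x20, 0, 0, 0, 0, 0, 0]),     // 2^53
  msbSet: Buffer.from([0x82, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff]),
};

module.exports = { parseFrameHeader, SAMPLES };
```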
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria, comprising ease of use and deployment, applicability to a widespread installation base, or stability.
Affected packages
| Platform | Package | State | Errata | Release |
|---|---|---|---|---|
| Cryostat 4 | io.cryostat-cryostat | Affected | ||
| OpenShift Lightspeed | openshift-lightspeed/lightspeed-console-plugin-pf5-rhel9 | Affected | ||
| OpenShift Lightspeed | openshift-lightspeed/lightspeed-console-plugin-rhel9 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-console-plugin-rhel8 | Affected | ||
| OpenShift Pipelines | openshift-pipelines/pipelines-console-plugin-rhel9 | Affected | ||
| Red Hat Developer Hub | rhdh/backstage-community-plugin-catalog-backend-module-scaffolder-relation-processor | Affected | ||
| Red Hat Developer Hub | rhdh/rhdh-hub-rhel9 | Affected | ||
| Red Hat Enterprise Linux 10 | nodejs22 | Affected | ||
| Red Hat Enterprise Linux 10 | nodejs24 | Affected | ||
| Red Hat Enterprise Linux 8 | nodejs:22/nodejs | Affected | ||
Additional information
Status: 7.5 High (CVSS3)
Related vulnerabilities
Impact: A server can reply with a WebSocket frame using the 64-bit length form and an extremely large length. undici's ByteParser overflows internal math, ends up in an invalid state, and throws a fatal TypeError that terminates the process. Patches: Patched in undici versions v7.24.0 and v6.24.0. Users should upgrade to these versions or later.
Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client (7.5 High, CVSS3)