Описание
Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb (contrib/libs/yajl modules). This vulnerability is associated with program files yail_tree.C.
This issue affects ydb: through 24.4.4.2.
A flaw was found in ydb. This memory management vulnerability, identified as a 'Missing Release of Memory after Effective Lifetime', exists within the contrib/libs/yajl modules, specifically affecting the yail_tree.C program file. A remote attacker could exploit this by repeatedly triggering memory allocations without proper deallocation. This could lead to resource exhaustion, ultimately causing a Denial of Service (DoS) for the affected system.
Отчет
This MODERATE impact memory leak in the yajl modules of ydb can lead to a Denial of Service. A remote attacker could exploit this vulnerability by repeatedly triggering memory allocations without proper deallocation, causing resource exhaustion..
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-operator-bundle | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-rhel9-operator | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/eventrouter-rhel9 | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel8 | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel9 | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/log-file-metric-exporter-rhel9 | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/logging-view-plugin-rhel9 | Under investigation | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/vector-rhel9 | Under investigation | ||
| Red Hat 3scale API Management Platform 2 | 3scale-amp20/backend | Under investigation | ||
| Red Hat 3scale API Management Platform 2 | 3scale-amp21/backend | Under investigation |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb (contrib/libs/yajl modules). This vulnerability is associated with program files yail_tree.C. This issue affects ydb: through 24.4.4.2.
Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb (contrib/libs/yajl modules). This vulnerability is associated with program files yail_tree.C. This issue affects ydb: through 24.4.4.2.
5.3 Medium
CVSS3