https://bugzilla.redhat.com/show_bug.cgi?id=2031958
Bug ID: 2031958
Summary: CVE-2021-43797 netty: control chars in header names may lead to HTTP request smuggling
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
Target Milestone: ---
Classification: Other
Netty is an asynchronous event-driven network application framework for rapid
development of maintainable, high-performance protocol servers and clients. Netty
prior to version 4.1.7.1.Final skips control characters when they are present at the
beginning or end of a header name. It should instead fail fast, as these characters
are not allowed by the spec and could lead to HTTP request smuggling. Skipping the
validation means Netty may "sanitize" header names before forwarding them to another
remote system when used as a proxy. That remote system can no longer see the invalid
usage and therefore does not do the validation itself.
Users should upgrade to version 4.1.7.1.Final to receive a patch.
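The two behaviours described above side by side, as an added example that is not Netty's code: a lenient header-name policy that drops leading/trailing control characters (the pre-fix behaviour the advisory describes) and a fail-fast policy that rejects any name outside the RFC 7230 token character set. The header block is a constructed sample; the function names are this example's own.

```python
import re

# Added example, not Netty's code: contrasts the lenient handling described in
# CVE-2021-43797 (control characters at the start or end of a header name are
# silently skipped) with a fail-fast check that rejects the request outright.

# RFC 7230 "tchar": the only characters permitted in a header field name.
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def _is_ctl(ch: str) -> bool:
    return ord(ch) < 0x20 or ord(ch) == 0x7F


def lenient_header_name(name: str) -> str:
    """Pre-fix behaviour as the advisory describes it: drop control characters
    at the beginning and end of the name and carry on. A downstream server
    receiving the forwarded request can no longer tell anything was wrong."""
    start, end = 0, len(name)
    while start < end and _is_ctl(name[start]):
        start += 1
    while end > start and _is_ctl(name[end - 1]):
        end -= 1
    return name[start:end]


def strict_header_name(name: str) -> str:
    """Fail fast: any character outside the tchar set is a protocol error."""
    if not _TOKEN.fullmatch(name):
        raise ValueError(f"invalid header name: {name!r}")
    return name


def parse_headers(raw: bytes, strict: bool) -> dict:
    """Parse an HTTP/1.1 header block (no request line) into a dict, applying
    one of the two policies to every field name. Returns the headers a proxy
    would forward; with strict=True a malformed name raises instead."""
    headers = {}
    for line in raw.decode("latin-1").split("\r\n"):
        if not line:
            continue
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed header line: {line!r}")
        name = strict_header_name(name) if strict else lenient_header_name(name)
        headers[name] = value.strip()
    return headers


# Constructed sample: the second field name ends in a vertical tab (0x0B).
SAMPLE = b"Host: example.test\r\nX-Forwarded-Host\x0b: hidden\r\n\r\n"


def forwarded_with_lenient_policy() -> dict:
    """What a lenient proxy would forward: the anomaly has been erased."""
    return parse_headers(SAMPLE, strict=False)


def rejected_with_strict_policy() -> bool:
    """True when the fail-fast policy refuses the same header block."""
    try:
        parse_headers(SAMPLE, strict=True)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(forwarded_with_lenient_policy())  # {'Host': 'example.test', 'X-Forwarded-Host': 'hidden'}
    print(rejected_with_strict_policy())    # True
```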
Reference:
https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq
Upstream patch:
https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897…
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2031958
https://bugzilla.redhat.com/show_bug.cgi?id=1857010
Bug ID: 1857010
Summary: maven-plugin-bundle-5.1.1 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: maven-plugin-bundle
Keywords: FutureFeature, Triaged
Assignee: stewardship-sig(a)lists.fedoraproject.org
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
Target Milestone: ---
Classification: Fedora
Latest upstream release: 5.1.1
Current version/release in rawhide: 4.2.1-1.fc33
URL:
https://felix.apache.org/documentation/subprojects/apache-felix-maven-bundl…
Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1922/
https://bugzilla.redhat.com/show_bug.cgi?id=1996787
Bug ID: 1996787
Summary: objectweb-asm has missing osgi metadata since the upgrade to 9.1
Product: Fedora
Version: rawhide
Status: NEW
Component: objectweb-asm
Assignee: mizdebsk(a)redhat.com
Reporter: sergio(a)serjux.com
QA Contact: extras-qa(a)fedoraproject.org
Target Milestone: ---
Classification: Fedora
Description of problem:
objectweb-asm has missing osgi metadata since the upgrade to 9.1
Version-Release number of selected component (if applicable):
objectweb-asm-9.1-3.fc35.noarch.rpm
https://bugzilla.redhat.com/show_bug.cgi?id=2049783
Bug ID: 2049783
Summary: CVE-2021-43859 xstream: Injecting highly recursive collections or maps can cause a DoS
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
Target Milestone: ---
Classification: Other
XStream is an open source Java library to serialize objects to XML and back
again. Versions prior to 1.4.19 may allow a remote attacker to consume 100% of the
CPU time on the target system (depending on CPU type or on parallel execution of
such a payload), resulting in a denial of service, solely by manipulating the
processed input stream. XStream 1.4.19 monitors and accumulates the time it
takes to add elements to collections and throws an exception if a set threshold
is exceeded. Users are advised to upgrade as soon as possible. Users unable to
upgrade may set the NO_REFERENCE mode to prevent recursion. See
GHSA-rmr5-cpv2-vgjf for further details on a workaround if an upgrade is not
possible.
References:
https://github.com/x-stream/xstream/security/advisories/GHSA-rmr5-cpv2-vgjf
https://x-stream.github.io/CVE-2021-43859.html
Upstream patch:
https://github.com/x-stream/xstream/commit/e8e88621ba1c85ac3b8620337dd672e0…
https://bugzilla.redhat.com/show_bug.cgi?id=1748421
Bug ID: 1748421
Summary: httpcomponents-core-4.4.12 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: httpcomponents-core
Keywords: FutureFeature, Triaged
Assignee: stuart(a)gathman.org
Reporter: upstream-release-monitoring(a)fedoraproject.org
QA Contact: extras-qa(a)fedoraproject.org
Target Milestone: ---
Classification: Fedora
Latest upstream release: 4.4.12
Current version/release in rawhide: 4.4.10-6.fc31
URL: http://www.apache.org/dist/httpcomponents/httpcore/source/
Please consult the package updates policy before you issue an update to a
stable branch: https://fedoraproject.org/wiki/Updates_Policy
More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.
Based on the information from anitya:
https://release-monitoring.org/project/1333/
https://bugzilla.redhat.com/show_bug.cgi?id=2058763
Bug ID: 2058763
Summary: CVE-2022-24614 metadata-extractor: Out-of-memory when reading a specially crafted JPEG file
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
Target Milestone: ---
Classification: Other
When reading a specially crafted JPEG file, metadata-extractor up to 2.16.0 can
be made to allocate large amounts of memory, eventually leading to an
out-of-memory error even for very small inputs. This could be used to mount a
denial of service attack against services that use the metadata-extractor library.
Upstream bug:
https://github.com/drewnoakes/metadata-extractor/issues/561
https://bugzilla.redhat.com/show_bug.cgi?id=2055480
Bug ID: 2055480
Summary: CVE-2021-22060 springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: jwon(a)redhat.com
Blocks: 2044407
Target Milestone: ---
Classification: Other
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older
unsupported versions, it is possible for a user to provide malicious input to
cause the insertion of additional log entries. This is a follow-up to
CVE-2021-22096 that protects against additional types of input and in more
places of the Spring Framework codebase.
https://nvd.nist.gov/vuln/detail/CVE-2021-22060
https://tanzu.vmware.com/security/cve-2021-22060
https://bugzilla.redhat.com/show_bug.cgi?id=2047343
Bug ID: 2047343
Summary: CVE-2022-21363 mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
Target Milestone: ---
Classification: Other
Vulnerability in the MySQL Connectors product of Oracle MySQL (component:
Connector/J). Supported versions that are affected are 8.0.27 and prior.
Difficult to exploit vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Connectors. Successful
attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS
3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
Reference:
https://www.oracle.com/security-alerts/cpujan2022.html
https://bugzilla.redhat.com/show_bug.cgi?id=2047417
Bug ID: 2047417
Summary: CVE-2022-23181 tomcat: local privilege escalation vulnerability
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: gsuckevi(a)redhat.com
Target Milestone: ---
Classification: Other
The fix for CVE-2020-9484 introduced a time-of-check, time-of-use
vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14,
9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform
actions with the privileges of the user that the Tomcat process runs as. This
issue is only exploitable when Tomcat is configured to persist sessions using
the FileStore.
Reference:
https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
https://bugzilla.redhat.com/show_bug.cgi?id=2014356
Bug ID: 2014356
Summary: CVE-2021-42340 tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: jwon(a)redhat.com
Blocks: 2014348
Target Milestone: ---
Classification: Other
Apache Tomcat did not properly release an HTTP upgrade connection for WebSocket
connections once the WebSocket connection was closed. This created a memory
leak that, over time, could lead to a denial of service via an
OutOfMemoryError. This issue affects Apache Tomcat 10.1.0-M1 to 10.1.0-M5,
10.0.0-M10 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71.
Upstream commits:
Tomcat 10.1:
https://github.com/apache/tomcat/commit/d5a6660cba7f51589468937bf3bbad4db78…
Tomcat 10.0:
https://github.com/apache/tomcat/commit/31d62426645824bdfe076a0c0eafa904d90…
Tomcat 9.0:
https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d25…
Tomcat 8.5:
https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476a…
Reference:
https://lists.apache.org/thread.html/r83a35be60f06aca2065f188ee542b9099695d…