Bug 1441205 (CVE-2017-5647)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary | CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used | | |
| Product | [Other] Security Response | Reporter | Adam Mariš <amaris> |
| Component | vulnerability | Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA | QA Contact | |
| Severity | high | Docs Contact | |
| Priority | high | | |
| Version | unspecified | CC | aileenc, alazarot, alee, apmukher, bbaranow, bmaxwell, ccoleman, cdewolf, chazlett, coolsvap, csutherl, dandread, darran.lofthouse, dedgar, dmcphers, dmoppert, dosoudil, etirelli, gvarsami, gzaronik, hhorak, huwang, ivan.afonichev, java-sig-commits, jawilson, jclere, jcoleman, jdoyle, jgoulding, jolee, jorton, jshepherd, kconner, krzysztof.daniel, kverlaen, ldimaggi, lgao, loleary, lpetrovi, mbabacek, mbaluch, mizdebsk, mmiura, mwinkler, myarboro, nwallace, pgier, pragshar, psakar, pslavice, psotirop, rnetuka, rrajasek, rsvoboda, rwagner, rzhang, security-response-team, spinder, tcunning, theute, tkirby, twalsh, vhalbert, vtunka, weli, yozone |
| Target Milestone | --- | Keywords | Security |
| Target Release | --- | | |
| Hardware | All | | |
| OS | Linux | | |
| Whiteboard | | | |
| Fixed In Version | tomcat 6.0.53, tomcat 7.0.77, tomcat 8.0.43, tomcat 8.5.13 | Doc Type | If docs needed, set a value |
| Doc Text | A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. | | |
| Story Points | --- | | |
| Clone Of | | Environment | |
| Last Closed | 2019-06-08 03:10:13 UTC | Type | --- |
| Regression | --- | Mount Type | --- |
| Documentation | --- | CRM | |
| Verified Versions | | Category | --- |
| oVirt Team | --- | RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- | Target Upstream Version | |
| Embargoed | | | |
| Bug Depends On | 1441241, 1441242, 1441243, 1441478, 1441479, 1441480, 1441481, 1441483, 1441484, 1470596, 1470597 | | |
| Bug Blocks | 1441210, 1446025, 1446026, 1479475, 1482229 | | |
Description
Adam Mariš
2017-04-11 12:35:09 UTC
Created jbossweb tracking bugs for this issue:

- Affects: openshift-1 [bug 1441243]

Created tomcat tracking bugs for this issue:

- Affects: epel-6 [bug 1441241]
- Affects: fedora-all [bug 1441242]

Mitigation:

The AJP connector does not support the sendfile capability. A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability. Disable the sendfile capability by setting useSendfile="false" in the HTTP connector configuration. Note: Disabling sendfile may impact performance on large files.

This issue has been addressed in the following products:

- Red Hat JBoss Web Server 3 for RHEL 7
- Red Hat JBoss Web Server 3 for RHEL 6

Via RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801

This issue has been addressed in the following products:

- Red Hat JBoss Web Server 3.1.1

Via RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802

This issue has been addressed in the following products:

- Red Hat JBoss Enterprise Web Server 2

Via RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494

This issue has been addressed in the following products:

- Red Hat JBoss Enterprise Web Server 2 for RHEL 6
- Red Hat JBoss Enterprise Web Server 2 for RHEL 7

Via RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493

This issue has been addressed in the following products:

- Red Hat Enterprise Linux 6

Via RHSA-2017:3080 https://access.redhat.com/errata/RHSA-2017:3080

This issue has been addressed in the following products:

- Red Hat Enterprise Linux 7

Via RHSA-2017:3081 https://access.redhat.com/errata/RHSA-2017:3081
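A quick way to audit a Tomcat server.xml for the mitigation described above, as an added example that is not part of this bug report or of Tomcat itself: it lists every HTTP connector that does not explicitly set useSendfile="false" and skips AJP connectors, which have no sendfile capability. The sample server.xml below is constructed for the example; on a version that already carries the fix (tomcat 6.0.53, 7.0.77, 8.0.43, 8.5.13 or later) the setting is no longer needed as a workaround.

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml (not from any real deployment), three connectors.
SAMPLE_SERVER_XML = """<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <!-- HTTP connector with useSendfile left at its default: reported -->
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"/>
    <!-- HTTP connector with the mitigation applied: not reported -->
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" useSendfile="false"/>
    <!-- AJP connector: no sendfile capability, not reported -->
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
    <Engine name="Catalina" defaultHost="localhost"/>
  </Service>
</Server>
"""


def is_http_connector(connector) -> bool:
    """A Connector without a protocol attribute is HTTP/1.1 by default;
    any protocol value naming AJP is the AJP connector."""
    protocol = connector.get("protocol", "HTTP/1.1")
    return "ajp" not in protocol.lower()


def connectors_without_sendfile_disabled(xml_text: str) -> list:
    """Return the port of every HTTP connector that does not set useSendfile="false".
    A missing attribute is reported as well: the mitigation is an explicit opt-out,
    so relying on the default is not the same as applying it."""
    root = ET.fromstring(xml_text)
    reported = []
    for connector in root.iter("Connector"):
        if not is_http_connector(connector):
            continue
        if connector.get("useSendfile", "").strip().lower() != "false":
            reported.append(connector.get("port", "<no port>"))
    return reported


if __name__ == "__main__":
    for port in connectors_without_sendfile_disabled(SAMPLE_SERVER_XML):
        print(f"HTTP connector on port {port}: useSendfile is not set to false")
```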