Bug 2447142 (CVE-2026-1526)
| Summary: | CVE-2026-1526 undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | aazores, abarbaro, alizardo, anpicker, asoldano, bbaranow, bmaxwell, bparees, brian.stansberry, cmah, darran.lofthouse, dosoudil, dschmidt, eaguilar, ebaron, erezende, fjuma, hasun, istudens, ivassile, iweiss, jchui, jfula, jhe, jkoehler, jlanda, jolong, jowilson, kshier, ktsao, lphiri, mosmerov, msvehla, nboldt, nwallace, nyancey, ometelka, pberan, pesilva, pjindal, pmackay, psrna, ptisnovs, rstancel, sdawley, simaishi, smaestri, smcdonal, stcannon, syedriko, teagle, tom.jenkinson, xdharmai, yguenane |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | | Doc Type: | --- |
| Doc Text: | A flaw was found in undici. The undici WebSocket client does not bound the amount of data produced when it inflates a permessage-deflate (RFC 7692) compressed message. A remote attacker who can deliver WebSocket frames to the client, for example by controlling the server it connects to, can send a small, specially crafted compressed message (a "decompression bomb") that expands to a very large amount of data during decompression. Because the inflated size is not limited, decompression consumes unbounded memory in the Node.js process, which can exhaust available memory and crash or hang the process, resulting in a denial of service (DoS). | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2447176, 2447179, 2447181, 2447182 | ||
| Bug Blocks: | |||
Description
OSIDB Bzimport
2026-03-12 21:01:48 UTC
This issue has been addressed in the following products:

- Red Hat Enterprise Linux 10 via RHSA-2026:7080 https://access.redhat.com/errata/RHSA-2026:7080
- Red Hat Enterprise Linux 8 via RHSA-2026:7123 https://access.redhat.com/errata/RHSA-2026:7123
- Red Hat Enterprise Linux 9 via RHSA-2026:7302 https://access.redhat.com/errata/RHSA-2026:7302
- Red Hat Enterprise Linux 10.0 Extended Update Support via RHSA-2026:7310 https://access.redhat.com/errata/RHSA-2026:7310
- Red Hat Enterprise Linux 9 via RHSA-2026:7350 https://access.redhat.com/errata/RHSA-2026:7350
- Red Hat Enterprise Linux 10 via RHSA-2026:7675 https://access.redhat.com/errata/RHSA-2026:7675
- Red Hat Enterprise Linux 8 via RHSA-2026:7670 https://access.redhat.com/errata/RHSA-2026:7670
- Red Hat Enterprise Linux 9.6 Extended Update Support via RHSA-2026:7983 https://access.redhat.com/errata/RHSA-2026:7983