Bug 1530457 (CVE-2018-1041) - CVE-2018-1041 jboss-remoting: High CPU Denial of Service
Summary: CVE-2018-1041 jboss-remoting: High CPU Denial of Service
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-1041
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1530459
Blocks: 1530445 1537472
TreeView+ depends on / blocked
 
Reported: 2018-01-03 05:40 UTC by Jason Shepherd
Modified: 2021-08-11 12:17 UTC (History)
28 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
Clone Of:
Environment:
Last Closed: 2019-06-08 03:36:04 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:0268 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 19:05:56 UTC
Red Hat Product Errata RHSA-2018:0269 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 22:11:04 UTC
Red Hat Product Errata RHSA-2018:0270 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 15:44:31 UTC
Red Hat Product Errata RHSA-2018:0271 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 19:08:06 UTC
Red Hat Product Errata RHSA-2018:0275 0 normal SHIPPED_LIVE Important: jboss-ec2-eap security, bug fix, and enhancement update 2018-02-05 19:24:53 UTC

Description Jason Shepherd 2018-01-03 05:40:50 UTC 
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
Comment 4 Jason Shepherd 2018-01-03 05:52:17 UTC 
By default JBoss EAP 7.x doesn't expose port 4447 as it uses HTTP-REMOTING over port 8080. Reference:

https://access.redhat.com/solutions/2360971
Comment 5 Jason Shepherd 2018-01-03 05:56:21 UTC 
I couldn't reproduce this issue on EAP 7.0.8 or 7.1.0 after exposing the 'native' connector as explained in previous comment (#4).
Comment 10 errata-xmlrpc 2018-02-05 10:27:37 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2018:0269 https://access.redhat.com/errata/RHSA-2018:0269
Comment 11 errata-xmlrpc 2018-02-05 10:41:42 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7

Via RHSA-2018:0268 https://access.redhat.com/errata/RHSA-2018:0268
Comment 12 errata-xmlrpc 2018-02-05 10:44:33 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5

Via RHSA-2018:0271 https://access.redhat.com/errata/RHSA-2018:0271
Comment 13 errata-xmlrpc 2018-02-05 10:47:23 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2018:0270 https://access.redhat.com/errata/RHSA-2018:0270
Comment 14 errata-xmlrpc 2018-02-05 14:25:03 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2018:0275 https://access.redhat.com/errata/RHSA-2018:0275
Note You need to log in before you can comment on or make changes to this bug.