Bug 1530457 (CVE-2018-1041) - CVE-2018-1041 jboss-remoting: High CPU Denial of Service
Summary: CVE-2018-1041 jboss-remoting: High CPU Denial of Service
Status: CLOSED ERRATA
Alias: CVE-2018-1041
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=moderate,public=20180205,repor...
Keywords: Security
Depends On: 1530459
Blocks: 1530445 1537472
TreeView+ depends on / blocked
 
Reported: 2018-01-03 05:40 UTC by Jason Shepherd
Modified: 2019-06-11 11:13 UTC (History)
27 users (show)

(edit)
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.
Clone Of:
(edit)
Last Closed: 2019-06-08 03:36:04 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:0268 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 19:05:56 UTC
Red Hat Product Errata RHSA-2018:0269 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 22:11:04 UTC
Red Hat Product Errata RHSA-2018:0270 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 15:44:31 UTC
Red Hat Product Errata RHSA-2018:0271 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.4.19 security update 2018-02-05 19:08:06 UTC
Red Hat Product Errata RHSA-2018:0275 normal SHIPPED_LIVE Important: jboss-ec2-eap security, bug fix, and enhancement update 2018-02-05 19:24:53 UTC

Description Jason Shepherd 2018-01-03 05:40:50 UTC
A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10.Final-redhat-1, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.

Comment 4 Jason Shepherd 2018-01-03 05:52:17 UTC
By default JBoss EAP 7.x doesn't expose port 4447 as it uses HTTP-REMOTING over port 8080. Reference:

https://access.redhat.com/solutions/2360971

Comment 5 Jason Shepherd 2018-01-03 05:56:21 UTC
I couldn't reproduce this issue on EAP 7.0.8 or 7.1.0 after exposing the 'native' connector as explained in previous comment (#4).

Comment 8 Jason Shepherd 2018-01-09 00:21:30 UTC
Acknowledgements:

(none)

Comment 10 errata-xmlrpc 2018-02-05 10:27:37 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2018:0269 https://access.redhat.com/errata/RHSA-2018:0269

Comment 11 errata-xmlrpc 2018-02-05 10:41:42 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7

Via RHSA-2018:0268 https://access.redhat.com/errata/RHSA-2018:0268

Comment 12 errata-xmlrpc 2018-02-05 10:44:33 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5

Via RHSA-2018:0271 https://access.redhat.com/errata/RHSA-2018:0271

Comment 13 errata-xmlrpc 2018-02-05 10:47:23 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2018:0270 https://access.redhat.com/errata/RHSA-2018:0270

Comment 14 errata-xmlrpc 2018-02-05 14:25:03 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2018:0275 https://access.redhat.com/errata/RHSA-2018:0275


Note You need to log in before you can comment on or make changes to this bug.