CVE-2023-34455 (https://github.com/xerial/snappy-java/security/advisories/GHSA-qcwq-55hx-v3vh): The code in the function hasNextChunk in the fileSnappyInputStream.java checks if a given stream has more chunks to read. It does that by attempting to read 4 bytes. If it wasn’t possible to read the 4 bytes, the function returns false. Otherwise, if 4 bytes were available, the code treats them as the length of the next chunk. In the case that the `compressed` variable is null, a byte array is allocated with the size given by the input data. Since the code doesn’t test the legality of the `chunkSize` variable, it is possible to pass a negative number (such as 0xFFFFFFFF which is -1), which will cause the code to raise a `java.lang.NegativeArraySizeException` exception. A worse case would happen when passing a huge positive value (such as 0x7FFFFFFF), which would raise the fatal `java.lang.OutOfMemoryError` error.
This issue has been addressed in the following products: RHINT Camel-Springboot 3.18.3.2 Via RHSA-2023:5147 https://access.redhat.com/errata/RHSA-2023:5147
This issue has been addressed in the following products: RHINT Camel-Springboot 3.20.2 Via RHSA-2023:5148 https://access.redhat.com/errata/RHSA-2023:5148
This issue has been addressed in the following products: Red Hat AMQ Streams 2.5.0 Via RHSA-2023:5165 https://access.redhat.com/errata/RHSA-2023:5165
This issue has been addressed in the following products: RHINT Service Registry 2.5.4 GA Via RHSA-2023:7653 https://access.redhat.com/errata/RHSA-2023:7653
This issue has been addressed in the following products: Red Hat build of Quarkus 2.13.9 Via RHSA-2023:7700 https://access.redhat.com/errata/RHSA-2023:7700
This issue has been addressed in the following products: Red Hat Integration Via RHSA-2023:7705 https://access.redhat.com/errata/RHSA-2023:7705
This issue has been addressed in the following products: RHINT Camel-K 1.10.5 Via RHSA-2024:0148 https://access.redhat.com/errata/RHSA-2024:0148