Bug 2292211 (CVE-2024-5971) - CVE-2024-5971 undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket
Summary: CVE-2024-5971 undertow: response write hangs in case of Java 17 TLSv1.3 NewSe...
Keywords:
Status: NEW
Alias: CVE-2024-5971
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2292210
TreeView+ depends on / blocked
 
Reported: 2024-06-13 13:56 UTC by Patrick Del Bello
Modified: 2024-08-28 07:14 UTC (History)
76 users (show)

Fixed In Version:
Doc Type: ---
Doc Text:
A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource consumption, leaving the server side to a denial of service attack. This happens only with Java 17 TLSv1.3 scenarios.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:4392 0 None None None 2024-07-08 22:19:25 UTC
Red Hat Product Errata RHSA-2024:4884 0 None None None 2024-07-25 19:26:38 UTC
Red Hat Product Errata RHSA-2024:5143 0 None None None 2024-08-08 17:23:37 UTC
Red Hat Product Errata RHSA-2024:5144 0 None None None 2024-08-08 17:24:03 UTC
Red Hat Product Errata RHSA-2024:5145 0 None None None 2024-08-08 17:22:22 UTC
Red Hat Product Errata RHSA-2024:5147 0 None None None 2024-08-08 17:25:05 UTC

Description Patrick Del Bello 2024-06-13 13:56:06 UTC 
A vulnerability was found in Undertow. Undertow chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in an uncontrolled resource consumption leaving the server side to a Denial of Service vulnerability attack. This happens only with Java 17 TLSv1.3 scenarios.
Comment 2 errata-xmlrpc 2024-07-08 22:19:21 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:4392 https://access.redhat.com/errata/RHSA-2024:4392
Comment 4 errata-xmlrpc 2024-07-25 19:26:33 UTC 
This issue has been addressed in the following products:

  Red Hat build of Apache Camel 4.4.1 for Spring Boot

Via RHSA-2024:4884 https://access.redhat.com/errata/RHSA-2024:4884
Comment 5 errata-xmlrpc 2024-08-08 17:22:18 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:5145 https://access.redhat.com/errata/RHSA-2024:5145
Comment 6 errata-xmlrpc 2024-08-08 17:23:33 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:5143 https://access.redhat.com/errata/RHSA-2024:5143
Comment 7 errata-xmlrpc 2024-08-08 17:23:58 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:5144 https://access.redhat.com/errata/RHSA-2024:5144
Comment 8 errata-xmlrpc 2024-08-08 17:25:01 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:5147 https://access.redhat.com/errata/RHSA-2024:5147
Comment 9 Andreaa Ferrason 2024-08-28 07:14:41 UTC 
When dealing with issues related to Undertow's response write hanging in the context of Java 17 and TLSv1.3's NewSessionTicket, you might be encountering a complex problem that involves the interaction between the web server (Undertow)  https://geometrydashbreeze.org
Note You need to log in before you can comment on or make changes to this bug.