Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49. Only mod_jk on Unix like systems is affected. Neither the ISAPI redirector nor mod_jk on Windows is affected. Users are recommended to upgrade to version 1.2.50, which fixes the issue.
This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2024:6928 https://access.redhat.com/errata/RHSA-2024:6928
This issue has been addressed in the following products: JBoss Core Services on RHEL 7 JBoss Core Services for RHEL 8 Via RHSA-2024:6927 https://access.redhat.com/errata/RHSA-2024:6927
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:7457 https://access.redhat.com/errata/RHSA-2024:7457
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Via RHSA-2024:8928 https://access.redhat.com/errata/RHSA-2024:8928
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:8929 https://access.redhat.com/errata/RHSA-2024:8929