There is an error in protocol parsing logic of mod_cluster load balancer Apache HTTP Server modules that allows attacker to cause a Segmentation Fault in the serving httpd process. The vector is mod_cluster service messages that are used by worker nodes to communicate their status, load and deployed applications to the mod_cluster balancer. With proper production configuration, the VirtualHost accepting these messages is accessible only from an internal network where worker nodes reside. The error cannot be exploited from the Internet by arbitrary clients. Upstream bug: https://issues.jboss.org/browse/JBCS-193
This issue has been addressed in the following products: Via RHSA-2016:2957 https://rhn.redhat.com/errata/RHSA-2016-2957.html
This issue has been addressed in the following products: JBoss Core Services on RHEL 7 Via RHSA-2017:0194 https://access.redhat.com/errata/RHSA-2017:0194
This issue has been addressed in the following products: JBoss Core Services on RHEL 6 Via RHSA-2017:0193 https://access.redhat.com/errata/RHSA-2017:0193