Bug 2209689 (CVE-2023-3223) - CVE-2023-3223 undertow: OutOfMemoryError due to @MultipartConfig handling
Summary: CVE-2023-3223 undertow: OutOfMemoryError due to @MultipartConfig handling
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-3223
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2208052
TreeView+ depends on / blocked
 
Reported: 2023-05-24 14:00 UTC by Patrick Del Bello
Modified: 2025-02-19 15:28 UTC (History)
75 users (show)

Fixed In Version: undertow 2.2.24
Clone Of:
Environment:
Last Closed: 2023-08-07 20:08:17 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:4505 0 None None None 2023-08-07 15:14:57 UTC
Red Hat Product Errata RHSA-2023:4506 0 None None None 2023-08-07 15:15:36 UTC
Red Hat Product Errata RHSA-2023:4507 0 None None None 2023-08-07 15:16:39 UTC
Red Hat Product Errata RHSA-2023:4509 0 None None None 2023-08-07 15:02:27 UTC
Red Hat Product Errata RHSA-2023:4918 0 None None None 2023-08-31 13:25:27 UTC
Red Hat Product Errata RHSA-2023:4919 0 None None None 2023-08-31 13:25:17 UTC
Red Hat Product Errata RHSA-2023:4920 0 None None None 2023-08-31 13:25:35 UTC
Red Hat Product Errata RHSA-2023:4921 0 None None None 2023-08-31 13:25:46 UTC
Red Hat Product Errata RHSA-2023:4924 0 None None None 2023-08-31 13:29:27 UTC
Red Hat Product Errata RHSA-2023:7247 0 None None None 2023-11-15 17:07:56 UTC
Red Hat Product Errata RHSA-2024:3354 0 None None None 2024-05-23 22:45:40 UTC

Description Patrick Del Bello 2023-05-24 14:00:17 UTC 
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause OutOfMemoryError due to huge sized multipart content .This vulnerability can be exploited by unauthorized users to cause remote Denial-of-Service (DoS) attack. And if the server use fileSizeThreshold for the file size limit, it's possible to bypass the limit by setting the file name in the request to null.
Comment 5 errata-xmlrpc 2023-08-07 15:02:25 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2023:4509 https://access.redhat.com/errata/RHSA-2023:4509
Comment 6 errata-xmlrpc 2023-08-07 15:14:56 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4505
Comment 7 errata-xmlrpc 2023-08-07 15:15:35 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4506
Comment 8 errata-xmlrpc 2023-08-07 15:16:38 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4507
Comment 9 Product Security DevOps Team 2023-08-07 20:08:14 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-3223
Comment 13 errata-xmlrpc 2023-08-31 13:25:14 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 8

Via RHSA-2023:4919 https://access.redhat.com/errata/RHSA-2023:4919
Comment 14 errata-xmlrpc 2023-08-31 13:25:23 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 7

Via RHSA-2023:4918 https://access.redhat.com/errata/RHSA-2023:4918
Comment 15 errata-xmlrpc 2023-08-31 13:25:31 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 9

Via RHSA-2023:4920 https://access.redhat.com/errata/RHSA-2023:4920
Comment 16 errata-xmlrpc 2023-08-31 13:25:41 UTC 
This issue has been addressed in the following products:

  RHEL-8 based Middleware Containers

Via RHSA-2023:4921 https://access.redhat.com/errata/RHSA-2023:4921
Comment 17 errata-xmlrpc 2023-08-31 13:29:23 UTC 
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6.5

Via RHSA-2023:4924 https://access.redhat.com/errata/RHSA-2023:4924
Comment 18 errata-xmlrpc 2023-11-15 17:07:52 UTC 
This issue has been addressed in the following products:

  Red Hat Fuse 7.12.1

Via RHSA-2023:7247 https://access.redhat.com/errata/RHSA-2023:7247
Comment 19 errata-xmlrpc 2024-05-23 22:45:35 UTC 
This issue has been addressed in the following products:

  Red Hat Fuse 7.13.0

Via RHSA-2024:3354 https://access.redhat.com/errata/RHSA-2024:3354
Note You need to log in before you can comment on or make changes to this bug.