[Bugs] [Bug 13559] New: [CVE 21] netty 4.1.13 CVEs found

bugzilla bugzilla на rosalinux.ru
Ср Авг 23 23:21:59 MSK 2023 

https://bugzilla.rosalinux.ru/show_bug.cgi?id=13559

          Platform: 2021.1
            Bug ID: 13559
           Summary: [CVE 21] netty 4.1.13  CVEs found
    Classification: ROSA-based products
           Product: ROSA Fresh
           Version: All
          Hardware: All
               URL: CVE-2023-34462,
                OS: Linux
            Status: CONFIRMED
          Severity: normal
          Priority: Normal
         Component: System (kernel, glibc, systemd, bash, PAM...)
          Assignee: bugs на lists.rosalinux.ru
          Reporter: y.tumanov на rosalinux.ru
        QA Contact: bugs на lists.rosalinux.ru
                CC: e.kosachev на rosalinux.ru, s.matveev на rosalinux.ru,
                    y.tumanov на rosalinux.ru
  Target Milestone: ---
             Flags: secteam_verified?

Please patch CVEs for package netty version 4.1.13

INFO (CVEs are): netty 4.1.13
 cves found
CVE-2023-34462
Desc: Netty is an asynchronous event-driven network application framework for
rapid development of maintainable high performance protocol servers & clients.
The `SniHandler` can allocate up to 16MB of heap for each channel during the
TLS handshake. When the handler or the channel does not have an idle timeout,
it can be used to make a TCP server using the `SniHandler` to allocate 16MB of
heap. The `SniHandler` class is a handler that waits for the TLS handshake to
configure a `SslHandler` according to the indicated server name by the
`ClientHello` record. For this matter it allocates a `ByteBuf` using the value
defined in the `ClientHello` record. Normally the value of the packet should be
smaller than the handshake packet but there are not checks done here and the
way the code is written, it is possible to craft a packet that makes the
`SslClientHelloHandler`. This vulnerability has been fixed in version
4.1.94.Final.
Link: https://nvd.nist.gov/vuln/detail/CVE-2023-34462
Severity: MEDIUM

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
----------- следущая часть -----------
Вложение в формате HTML было извлечено…
URL: <http://lists.rosalinux.ru/pipermail/bugs/attachments/20230823/6c801d43/attachment.html>

Подробная информация о списке рассылки Bugs