CVE-2018-1041

Published: Feb 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.

Vendor	Product	Versions
Red Hat, Inc.	jboss-remoting	affected `since 3.3.10`

Weaknesses (CWE)

CWE-835

References

44099

exploit

x_refsource_EXPLOIT-DB

RHSA-2018:0269

vendor-advisory

x_refsource_REDHAT

RHSA-2018:0270

vendor-advisory

x_refsource_REDHAT

RHSA-2018:0271

vendor-advisory

x_refsource_REDHAT

RHSA-2018:0268

vendor-advisory

x_refsource_REDHAT

RHSA-2018:0275

vendor-advisory

x_refsource_REDHAT

1040323

vdb-entry

x_refsource_SECTRACK

https://bugzilla.redhat.com/show_bug.cgi?id=1530457

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1041

Description

Affected Products

Weaknesses (CWE)

References