Lucene search

K
redhatcveRedhat.comRH:CVE-2023-5685
HistoryMar 05, 2024 - 5:11 p.m.

CVE-2023-5685

2024-03-0517:11:25
redhat.com
access.redhat.com
215
xnio
notifierstate
stack overflow exception
uncontrolled resource management
denial of service
vulnerability
mitigation
updates

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0

Percentile

10.3%

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

Mitigation

There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.9

Confidence

High

EPSS

0

Percentile

10.3%