3 matches found
Narayana deadlock via multiple join requests sent to LRA Coordinator
A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of...
CVE-2024-8447
CVE-2024-8447 describes a deadlock in Narayana’s LRA Coordinator: when Cancel is followed by a Join on the same LRA within ~2 seconds, the application may crash or hang, causing a denial of service. The issue is addressed in Red Hat advisories RHSA-2025:3357/3358 for JBoss EAP XP 5.0 and EAP 8.x,...
PT-2025-3700 · Narayana · Narayana
Name of the Vulnerable Software and Affected Versions: Narayana affected versions not specified Description: A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the...