Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:41029
HistoryJun 27, 2023 - 7:44 a.m.

Denial Of Service (DoS)

2023-06-2707:44:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
denial of service
vulnerability
io.netty:netty-handler
tls handshakes
snihandler class
tcp server
ssl handler
clienthello record
memory exhaustion

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%

io.netty:netty-handler is vulnerable to Denial of Service (DoS) attacks. During TLS handshakes, the SniHandler class can allocate up to 16MB of heap for each channel. The SniHandler is used to establish a TCP server when the handler or channel has no idle timeout. In order to configure an SSL handler using the server name from the ClientHello record, it waits for the TLS handshake. There are no checks to ensure the handshake packet is larger then the data packet, therefore it is possible to create a packet that triggers the “SslClientHelloHandler”, which could be used to cause denial of service through memory exhaustion if there is no idle timeout set.

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.2%