CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
47.2%
io.netty:netty-handler is vulnerable to Denial of Service (DoS) attacks. During TLS handshakes, the SniHandler
class can allocate up to 16MB of heap for each channel. The SniHandler
is used to establish a TCP server when the handler or channel has no idle timeout. In order to configure an SSL handler using the server name from the ClientHello
record, it waits for the TLS handshake. There are no checks to ensure the handshake packet is larger then the data packet, therefore it is possible to create a packet that triggers the “SslClientHelloHandler”, which could be used to cause denial of service through memory exhaustion if there is no idle timeout set.
github.com/advisories/GHSA-6mjq-h674-j845
github.com/netty/netty/commit/535da17e45201ae4278c0479e6162bb4127d4c32
github.com/netty/netty/security/advisories/GHSA-6mjq-h674-j845
security.netapp.com/advisory/ntap-20230803-0001/
security.netapp.com/advisory/ntap-20240621-0007/
www.debian.org/security/2023/dsa-5558