Undertow is vulnerable to a denial-of-service (DoS) attack. The library does not properly close its streaming WebSocket, which leads to an infinite loop. A malicious user can trigger this behavior repeatedly, causing multiple infinite loops that exhaust system resources and crash the system.
rhn.redhat.com/errata/RHSA-2017-1409.html
www.securityfocus.com/bid/98965
access.redhat.com/errata/RHSA-2017:1410
access.redhat.com/errata/RHSA-2017:1411
access.redhat.com/errata/RHSA-2017:1412
access.redhat.com/errata/RHSA-2017:3454
access.redhat.com/errata/RHSA-2017:3455
access.redhat.com/errata/RHSA-2017:3456
access.redhat.com/errata/RHSA-2017:3458
bugzilla.redhat.com/show_bug.cgi?id=1438885
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2670
github.com/undertow-io/undertow/commit/08d6eaf61dab51403990e1fffa4c1d53212e4722
issues.jboss.org/browse/UNDERTOW-1035
www.debian.org/security/2017/dsa-3906