Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-25824: Fix loop in blocking read on transport timeout · airtower-luna/mod_gnutls@d7eec4e

Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Versions from 0.9.0 to 0.12.0 (including) did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead it entered an endless loop retrying the read operation, consuming CPU resources. This could be exploited for denial of service attacks. If trace level logging was enabled, it would also produce an excessive amount of log output during the loop, consuming disk space. The problem has been fixed in commit d7eec4e598158ab6a98bf505354e84352f9715ec, please update to version 0.12.1. There are no workarounds, users who cannot update should apply the errno fix detailed in the security advisory.

CVE
Open in Source
#debian#dos#apache#perl#ssl

Permalink

Browse files

Fix loop in blocking read on transport timeout

The loop was cased by an incorrect errno if the transport read in mgs_transport_read() fails with an APR TIMEUP status, as happens when mod_reqtimeout limits are exceeded. Setting the transport errno to EGAIN meant that a blocking read would be retried endlessly, setting ETIMEDOUT instead makes the read fail as it should.

The bug was introduced in commit 92cb0cc, first release to include it was 0.9.0.

Many thanks to Félix Arreola Rodríguez for the detailed analysis [1] on the Debian bug tracker!

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942737#25

  • Loading branch information

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE