CVSS 3.1 base score: 7.5 (High)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS score: 0.0004 (Low), percentile 14.2%
A vulnerability was found in Undertow. It affects a server that supports the
wildfly-http-client protocol. Whenever a malicious user opens a connection to
the server's HTTP port and closes it immediately, the server eventually
exhausts both its memory and its open file limit; how quickly this happens
depends on the amount of memory available. No authentication or completed
handshake is needed to trigger it, which is why the vector carries PR:N, and
the impact is availability only (C:N/I:N/A:H). During the HTTP upgrade to
remoting, the WriteTimeoutStreamSinkConduit leaks connections if the
RemotingConnection is closed by the Remoting ServerConnectionOpenListener.
Because the remoting connection originates in Undertow as part of the HTTP
upgrade, it is wrapped by an outer Undertow layer. The remoting connection is
unaware of that outermost layer when it is closed during the
connection-opening procedure, so the Undertow WriteTimeoutStreamSinkConduit is
never notified of the close. The WriteTimeoutStreamSinkConduit has registered a
timeout task on the XNIO WorkerThread; that task references the conduit, and
the conduit references the connection. The whole dependency tree therefore
stays reachable from the worker thread through the pending task and is never
freed, one tree per open/close cycle.
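To make the reference chain concrete, the following is an added model in Python, not Undertow or XNIO code; every class and function name (RemotingConnection, WorkerThread, TimerKey, WriteTimeoutConduit, simulate) is a hypothetical stand-in for the real components. A worker queue holds a timeout task, the task is a bound method of the conduit, and the conduit holds the connection. Closing only the inner connection, as the remoting open listener does in the scenario above, leaves the whole chain reachable; closing through the outer conduit cancels the task first and lets the garbage collector free it.

```python
"""Model of the reference chain behind the leak described above:
worker thread task queue -> write-timeout task -> conduit -> connection.
Hypothetical classes; nothing here is Undertow or XNIO code."""
import gc
import weakref


class RemotingConnection:
    """Inner connection produced by the HTTP upgrade (hypothetical stand-in)."""

    def __init__(self):
        self.closed = False

    def close(self):
        # Closing the inner layer knows nothing about the conduit wrapping it.
        self.closed = True


class TimerKey:
    """Handle for a scheduled task; cancel() removes it from the worker queue."""

    def __init__(self, worker, task):
        self.worker = worker
        self.task = task

    def cancel(self):
        self.worker.scheduled = [k for k in self.worker.scheduled if k is not self]


class WorkerThread:
    """Stand-in for an XNIO worker: holds the queue of pending timeout tasks."""

    def __init__(self):
        self.scheduled = []

    def execute_after(self, task):
        key = TimerKey(self, task)
        self.scheduled.append(key)
        return key


class WriteTimeoutConduit:
    """Outer Undertow-style layer; registers a timeout task when created."""

    def __init__(self, worker, connection):
        self.connection = connection
        # The task is a bound method, so the worker queue keeps this conduit
        # (and through it the connection) reachable until the key is cancelled.
        self.timeout_key = worker.execute_after(self.on_timeout)

    def on_timeout(self):
        self.connection.close()

    def close(self):
        # Correct teardown: closing through the outermost layer cancels the task.
        self.timeout_key.cancel()
        self.connection.close()


def connection_retained(worker, close_inner_only):
    """Open one upgraded connection, close it, and report whether the
    connection object is still reachable after a full garbage collection.
    close_inner_only=True reproduces the bug: the inner RemotingConnection is
    closed directly and the conduit is never told."""
    connection = RemotingConnection()
    conduit = WriteTimeoutConduit(worker, connection)
    probe = weakref.ref(connection)
    if close_inner_only:
        connection.close()
    else:
        conduit.close()
    del connection, conduit
    gc.collect()
    return probe() is not None


def simulate(n_connections, close_inner_only):
    """Repeat the open/close cycle and return (connections_leaked, pending_tasks)."""
    worker = WorkerThread()
    leaked = sum(connection_retained(worker, close_inner_only)
                 for _ in range(n_connections))
    return leaked, len(worker.scheduled)


if __name__ == "__main__":
    print("inner close only:", simulate(1000, True))
    print("close via conduit:", simulate(1000, False))
```

With the inner-only close, simulate(1000, True) reports 1000 retained connections and 1000 pending tasks, one per cycle, which is the growth pattern behind the memory and file-descriptor exhaustion; simulate(1000, False) reports 0 and 0. On a real server the same growth shows up as a steadily rising open-descriptor count for the JVM process (for example `ls /proc/<pid>/fd | wc -l` on Linux) that does not fall back after the clients disconnect.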