Is CVE-2024-1635 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 5%.

What products does CVE-2024-1635 affect?

Tracked products affected include JBoss. Check the version you run to see whether it is affected.

How do I fix CVE-2024-1635?

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2024-1635

Q: What is CVE-2024-1635?

CVE-2024-1635 is a high-severity software vulnerability (Uncontrolled resource consumption) with a CVSS score of 7.5. A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connecti

HIGH severity · CVSS 7.5 · Uncontrolled resource consumption

7.5CVSS HIGH

Summary

A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available. At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges requiredNone

User interactionNone

Confidentiality impactNone

Integrity impactNone

Availability impactHigh

Exploit probability (EPSS)5%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products we track (1)

JBoss

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

NVD record
https://access.redhat.com/errata/RHSA-2024:1674Advisory
https://access.redhat.com/errata/RHSA-2024:1675Advisory
https://access.redhat.com/errata/RHSA-2024:1676Advisory
https://access.redhat.com/errata/RHSA-2024:1677Advisory
https://access.redhat.com/errata/RHSA-2024:1860Advisory
https://access.redhat.com/errata/RHSA-2024:1861Advisory
https://access.redhat.com/errata/RHSA-2024:1862Advisory
https://access.redhat.com/errata/RHSA-2024:1864Advisory