Showing 76 - 100 of 124

CVE-2023-39325

Status Candidate

Overview

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.

Related Files

Red Hat Security Advisory 2023-6272-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6272-01 - Red Hat OpenShift Container Platform release 4.11.53 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | b3728c4a3168f486b48150443de529c7cf481dc96bcd3be25306f34b1205659e; Download | Favorite | View

Red Hat Security Advisory 2023-6271-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6271-01 - Red Hat OpenShift Container Platform release 4.11.53 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | ff1a94068fb25cb4fa679d1739b4a0064f3c7cc835666c427c5ea0759a237ae0; Download | Favorite | View

Red Hat Security Advisory 2023-6257-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6257-01 - Red Hat OpenShift Container Platform release 4.13.21 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 2b15ea8482df16acb2e943e0407d99b94521f944a6442f0ba6a3e615212c6550; Download | Favorite | View

Red Hat Security Advisory 2023-6256-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6256-01 - Red Hat OpenShift Container Platform release 4.13.21 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 0b5fe90b2b2b1e2974e835348848d36eb1d5c3f1175f32389034880518767f52; Download | Favorite | View

Red Hat Security Advisory 2023-6243-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6243-01 - An update for openshift-gitops-kam is now available for Red Hat OpenShift GitOps 1.10.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 4c3d8f024c4ee98e42c5247eb81b75fcd93f503336fdaabb6915c7558d0bfffc; Download | Favorite | View

Red Hat Security Advisory 2023-6240-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6240-01 - An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-must-gather NUMA-aware secondary scheduler and numaresources-operator is now available for Red Hat OpenShift Container Platform 4.13.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 01a2b654a7372cb6cad5f93acf3a431c3cfb4030bb3c0bba609d15e1bc5fa4e2; Download | Favorite | View

Red Hat Security Advisory 2023-6233-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6233-01 - Red Hat OpenShift Container Platform low-latency extras release 4.12, which provides an update for cnf-tests-container, performance-addon-operator-must-gather-rhel8-container, NUMA-aware secondary scheduler and numaresources-operator, is now available. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 30e933934a3623b1c2daa85a03ff8891b90d5ed6e1a018fdf51eecd076ceeffc; Download | Favorite | View

Red Hat Security Advisory 2023-6220-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6220-01 - An update is now available for Red Hat OpenShift GitOps 1.10.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d917e577ae7ab84e6b83df0eec162abd88c73c256c1141cb6e0981f20981674d; Download | Favorite | View

Red Hat Security Advisory 2023-6217-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6217-01 - Red Hat OpenShift Container Platform low-latency extras release 4.14, which provides an update for cnf-tests-container, dpdk-base-container, NUMA-aware secondary scheduler and numaresources-operator is now available. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | f10d4aaac1d57515ab4e8f6f6d591dfd5c1eba10bdac057a5be42c1665e53bae; Download | Favorite | View

Red Hat Security Advisory 2023-6126-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6126-01 - Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 33e4066b9dddf885244a8521110e339542272b5046add8ec1e46667947c8474f; Download | Favorite | View

Red Hat Security Advisory 2023-6125-01: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6125-01 - Red Hat OpenShift Container Platform release 4.12.41 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 443d1cc86e932af73569356064831c9a268be25e952f55e6bf1b18b603abe4a0; Download | Favorite | View

Red Hat Security Advisory 2023-5005-02: Posted Nov 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5005-02 - Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 06b7029d2336493b31693127311f24180e8dcb54ccdd80d55daa12944a58fd12; Download | Favorite | View

Red Hat Security Advisory 2023-6165-01: Posted Oct 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6165-01 - An update for skupper-cli and skupper-router is now available for Service Interconnect 1 for RHEL 8 and Service Interconnect 1 for RHEL 9. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 4d0180776e30ef062a74c134d74cc72507aa745f42c3cffb334d68e0fc022ece; Download | Favorite | View

Red Hat Security Advisory 2023-6129-01: Posted Oct 31, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6129-01 - Red Hat OpenShift Container Platform release 4.13.19 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | a88edeac687c569ff54ff7050ac7ffc1c4f420380c7c361ee3adffe7f10e029e; Download | Favorite | View

Red Hat Security Advisory 2023-6121-01: Posted Oct 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6121-01 - The Migration Toolkit for Containers 1.8.1 is now available.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 4e5e7ee8f3ea7b17ed83564b3f8c461275dc9ff10781a9f3b1d24e6e27fce8d5; Download | Favorite | View

Red Hat Security Advisory 2023-6118-01: Posted Oct 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6118-01 - An update is now available for OADP-1.2-RHEL-8. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | f0269f20a9921c1e0ebad8b6a62038c6ea8a1e4e3744703e268eb10240960231; Download | Favorite | View

Red Hat Security Advisory 2023-6116-01: Posted Oct 26, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6116-01 - OpenShift API for Data Protection 1.0.14 is now available.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | a2bd83d596484cf88c13d1779a789e252420fddeeb7d5f8d4cae26a448f91158; Download | Favorite | View

Red Hat Security Advisory 2023-6084-01: Posted Oct 25, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6084-01 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 21981642e1b8343855205e239cf44f99aad33b67cdee44cd51a79360ace31a57; Download | Favorite | View

Red Hat Security Advisory 2023-5895-01: Posted Oct 25, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5895-01 - Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d43d0984f34c6f0941a393bafa7175b46e3a44732920a6a994cad500bd88c829; Download | Favorite | View

Red Hat Security Advisory 2023-6077-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6077-01 - An updated rhel9/toolbox container image is now available in the Red Hat container registry.; tags | advisory, registry; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | b39ff68d6d417c602836d68e8c64e888eee007061c204c6506f4867c407bc84c; Download | Favorite | View

Red Hat Security Advisory 2023-6071-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6071-01 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | caa5ec90c2bc051f045330623cf79a7676c593e9e3dd25369f87e40a73fdde67; Download | Favorite | View

Red Hat Security Advisory 2023-6061-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6061-01 - Red Hat OpenShift Pipelines 1.12.1 has been released. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | ce6189ccc22b1274dbbcc97c9bf8591a273659fe1e7bd85b8295ad7ed53170db; Download | Favorite | View

Red Hat Security Advisory 2023-6059-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6059-01 - Red Hat OpenShift Pipelines Client tkn for 1.12.1 has been released. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | a4339d983d3b5ea17615c04f30761a62116d82b9120540887c5f03333631b09c; Download | Favorite | View

Red Hat Security Advisory 2023-6057-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6057-01 - An update for toolbox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d431231aa9d4c23c7d91cbd690fb04d3018a1dc83761bd7af5747faefec9458b; Download | Favorite | View

Red Hat Security Advisory 2023-6048-01: Posted Oct 24, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-6048-01 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 3233a828f6316335966d8d5d4b806f5f0b77b185b305520987275ef4b408be04; Download | Favorite | View

Page 4 of 5 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 239 files
Ubuntu 62 files
Debian 23 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,862)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,265)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,976)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2023-39325

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems