#VU56634 Infinite loop


Published: 2021-09-15

Vulnerability identifier: #VU56634

Vulnerability risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-41079

CWE-ID: CWE-835

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Apache Tomcat
Server applications / Web servers

Vendor: Apache Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop when processing certain TLS packets. A remote attacker can send a specially crafted packet to the application, consume all available system resources and cause denial of service conditions.

Successful exploitation of vulnerability requires that Apache Tomcat is configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Apache Tomcat: 8.5.0, 8.5.1, 8.5.2, 8.5.3, 8.5.4, 8.5.5, 8.5.6, 8.5.7, 8.5.8, 8.5.9, 8.5.10, 8.5.11, 8.5.12, 8.5.13, 8.5.14, 8.5.15, 8.5.16, 8.5.17, 8.5.18, 8.5.19, 8.5.20, 8.5.21, 8.5.22, 8.5.23, 8.5.24, 8.5.25, 8.5.26, 8.5.27, 8.5.28, 8.5.29, 8.5.30, 8.5.31, 8.5.32, 8.5.33, 8.5.34, 8.5.35, 8.5.36, 8.5.37, 8.5.38, 8.5.39, 8.5.40, 8.5.41, 8.5.42, 8.5.43, 8.5.44, 8.5.45, 8.5.46, 8.5.47, 8.5.48, 8.5.49, 8.5.50, 8.5.51, 8.5.52, 8.5.53, 8.5.54, 8.5.55, 8.5.56, 8.5.57, 8.5.58, 8.5.59, 8.5.60, 8.5.61, 8.5.62, 8.5.63, 9.0.0, 9.0.0-M1, 9.0.0-M2, 9.0.0-M3, 9.0.0-M4, 9.0.0-M5, 9.0.0-M6, 9.0.0-M7, 9.0.0-M8, 9.0.0-M9, 9.0.0-M10, 9.0.0-M11, 9.0.0-M12, 9.0.0-M13, 9.0.0-M14, 9.0.0-M15, 9.0.0-M16, 9.0.0-M17, 9.0.0-M18, 9.0.0-M19, 9.0.0-M20, 9.0.0-M21, 9.0.0-M22, 9.0.0-M23, 9.0.0-M24, 9.0.0-M25, 9.0.0-M26, 9.0.0-M27, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.0.11, 9.0.12, 9.0.13, 9.0.14, 9.0.15, 9.0.16, 9.0.17, 9.0.18, 9.0.19, 9.0.20, 9.0.21, 9.0.22, 9.0.23, 9.0.24, 9.0.25, 9.0.26, 9.0.27, 9.0.28, 9.0.29, 9.0.30, 9.0.31, 9.0.32, 9.0.33, 9.0.34, 9.0.35, 9.0.36, 9.0.37, 9.0.38, 9.0.39, 9.0.40, 9.0.41, 9.0.42, 9.0.43, 10.0.0, 10.0.0-M1, 10.0.0-M2, 10.0.0-M3, 10.0.0-M4, 10.0.0-M5, 10.0.0-M6, 10.0.0-M7, 10.0.0-M8, 10.0.0-M9, 10.0.0-M10, 10.0.0.0-M1, 10.0.1, 10.0.2

CPE

External links
http://lists.apache.org/thread.html/rccdef0349fdf4fb73a4e4403095446d7fe6264e0a58e2df5c6799434%40%3Cannounce.tomcat.apache.org%3E


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability