Mageia 9: MGASA-2024-0267 Critical: Tomcat Resource Consumption Issue
mageia
July 15, 2024
Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat
Summary
Improper Handling of Exceptional Conditions, Uncontrolled Resource
Consumption vulnerability in Apache Tomcat. When processing an HTTP/2
stream, Tomcat did not handle some cases of excessive HTTP headers
correctly. This led to a miscounting of active HTTP/2 streams which in
turn led to the use of an incorrect infinite timeout which allowed
connections to remain open which should have been closed.
(CVE-2024-34750)
References
- https://bugs.mageia.org/show_bug.cgi?id=33367
- https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.90
- https://www.cve.org/CVERecord?id=CVE-2024-34750
Resolution
SRPMS
- 9/core/tomcat-9.0.90-1.mga9
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 15 Jul 2024
URL: https://advisories.mageia.org/MGASA-2024-0267.html
Type: security
CVE: CVE-2024-34750
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!