Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2020-11612

The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/net...
MISC: https://github.com/net...
MISC: https://github.com/net...
MLIST: [druid-commits] 202004...
MLIST: [druid-commits] 202004...
MLIST: [druid-commits] 202004...
MLIST: [druid-commits] 202004...
MLIST: [druid-commits] 202004...
MLIST: [druid-commits] 202004...
MLIST: [zookeeper-dev] 202004...
MLIST: [zookeeper-issues] 202...
MLIST: [zookeeper-issues] 202...
MLIST: [zookeeper-issues] 202...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MLIST: [pulsar-commits] 20200...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-issues] 202...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MISC: https://lists.apache.o...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-commits] 20...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MLIST: [zookeeper-notificatio...
MLIST: [debian-lts-announce] ...
MLIST: [flink-dev] 20200910 [...
MLIST: [flink-issues] 2020091...
FEDORA: FEDORA-2020-66b5f85ccc
CONFIRM: https://security.netap...
MISC: https://www.oracle.com...
MLIST: [pulsar-commits] 20210...
MLIST: [pulsar-commits] 20210...
MLIST: [pulsar-commits] 20210...
DEBIAN: DSA-4885
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...
MISC: https://www.oracle.com...

Launchpad.net

CVE 2020-11612

Related bugs

References