Showing 1 - 25 of 121

CVE-2023-39325

Status Candidate

Overview

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.

Related Files

Red Hat Security Advisory 2024-1765-03: Posted Apr 23, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1765-03 - Red Hat OpenShift Container Platform release 4.14.21 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 05481f7c3649a9e35aede703a8538b33720ac9d22340adc40f7958520c4d04de; Download | Favorite | View

Red Hat Security Advisory 2024-1770-03: Posted Apr 17, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1770-03 - Red Hat OpenShift Container Platform release 4.15.9 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | daee32868e7ca70e2bde712186648be799e997daa39555af43a1ec11879bd6d9; Download | Favorite | View

Red Hat Security Advisory 2024-1572-03: Posted Apr 3, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1572-03 - Red Hat OpenShift Container Platform release 4.12.54 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 60434a47d41fd723b913ce39f134663ea9ecbd84f54bda9de217da51e443283a; Download | Favorite | View

Red Hat Security Advisory 2024-1464-03: Posted Mar 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1464-03 - Red Hat OpenShift Container Platform release 4.11.59 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d923fa30065852ae0a83cda8a9dbf574449cb506ee1506cc7c34af2265d9920e; Download | Favorite | View

Red Hat Security Advisory 2024-1449-03: Posted Mar 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1449-03 - Red Hat OpenShift Container Platform release 4.15.5 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 411f8be9e2cd7e31467ea75a03c86dbda9b5cc6baf18efa8cff43e0323028924; Download | Favorite | View

Red Hat Security Advisory 2024-1458-03: Posted Mar 27, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1458-03 - Red Hat OpenShift Container Platform release 4.14.18 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 7a0151c80a85d152c9d9040e75203632a9286f02cafca6a401b093e08121249d; Download | Favorite | View

Red Hat Security Advisory 2024-1454-03: Posted Mar 27, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1454-03 - Red Hat OpenShift Container Platform release 4.13.38 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 71bace167afcc96939c35c388f9fa93c27cfc6960e677ca356311fa3f9c29d5a; Download | Favorite | View

Red Hat Security Advisory 2024-1037-03: Posted Mar 7, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1037-03 - Red Hat OpenShift Container Platform release 4.13.36 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 5d7d154d2cc0073a8f42e62a4daf7a9e98a3ad019079deca2a3102a76f5e1909; Download | Favorite | View

Red Hat Security Advisory 2024-1052-03: Posted Mar 6, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-1052-03 - Red Hat OpenShift Container Platform release 4.12.51 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | e494948c55a00247768991156a543f65750a55ba774040322b7f3ccb3b1ec888; Download | Favorite | View

Red Hat Security Advisory 2024-0302-03: Posted Mar 6, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0302-03 - Kube Descheduler Operator for Red Hat OpenShift 5.0.0 for RHEL 9.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 5f5277605c823a06cf73ee9ab7a0cc4a127ba95f405d564711f66dcbda0a65f7; Download | Favorite | View

Red Hat Security Advisory 2024-0946-03: Posted Feb 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0946-03 - Red Hat OpenShift Container Platform release 4.13.35 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | c7918df94e4b2c86cb33e139d456d7f54e9a8741020efcb19d0005d06d6d1877; Download | Favorite | View

Red Hat Security Advisory 2024-0941-03: Posted Feb 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0941-03 - Red Hat OpenShift Container Platform release 4.14.14 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 88515d8dc20b43876aa27fd2b6ea898a9382283551f5b1568a1b7fb39619d92a; Download | Favorite | View

Red Hat Security Advisory 2024-0766-03: Posted Feb 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0766-03 - Red Hat OpenShift Container Platform release 4.15.0 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 0b26eca9dcc849bc191d462ba5264489f4737c4f0172c2b4f44c30fafc4a93f8; Download | Favorite | View

Red Hat Security Advisory 2024-0269-03: Posted Feb 28, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0269-03 - An update for run-once-duration-override-container, run-once-duration-override-operator-bundle-container, and run-once-duration-override-operator-container is now available for RODOO-1.1-RHEL-9. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 46625cb3eb40e90ad293ce294aea948362a70da1520a790c756bf54de3a4e920; Download | Favorite | View

Red Hat Security Advisory 2024-0833-03: Posted Feb 26, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0833-03 - Red Hat OpenShift Container Platform release 4.12.50 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 86eab7c365c054b85dd2d9596b3c028609cb6ee42eb6378d148f65f4389833fd; Download | Favorite | View

Red Hat Security Advisory 2024-0837-03: Posted Feb 21, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0837-03 - Red Hat OpenShift Container Platform release 4.14.13 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d1bdf47cb8160404fe1823442680fae112d3f1c54d5ff3b387c3907fd6f7cc8d; Download | Favorite | View

Red Hat Security Advisory 2024-0664-03: Posted Feb 9, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0664-03 - Red Hat OpenShift Container Platform release 4.12.49 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 1da07cdb9aa4a53f1187e7f3fcb279754ceec250b05709a09b3e42f4c25e3ff5; Download | Favorite | View

Red Hat Security Advisory 2024-0660-03: Posted Feb 8, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0660-03 - Red Hat OpenShift Container Platform release 4.13.32 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | d1deb804d0bf3831445ba66f8c6e6712dacebbb5bbdee193372f7a42944ed6fb; Download | Favorite | View

Red Hat Security Advisory 2024-0642-03: Posted Feb 8, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0642-03 - An update is now available for Red Hat OpenShift Container Platform 4.14. Issues addressed include denial of service and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 067c672d45f32da5faea03fc51d1c52b2b5db641ef22c66e5fb097dc8344f747; Download | Favorite | View

Red Hat Security Advisory 2024-0484-03: Posted Feb 2, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0484-03 - Red Hat OpenShift Container Platform release 4.13.31 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | ed0abdf5084bca41a7e826e8b9844a8e96dedf41534bff01ec99c36841743575; Download | Favorite | View

Red Hat Security Advisory 2024-0306-03: Posted Jan 26, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0306-03 - Red Hat OpenShift Container Platform release 4.11.57 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 09837e1c2e8758cb9ff8c02560439bf394ca34852ae1d83b053f97dd7d591351; Download | Favorite | View

Red Hat Security Advisory 2024-0290-03: Posted Jan 24, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0290-03 - Red Hat OpenShift Container Platform release 4.14.10 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | e51d95e8f7abd8b3cad2fb79d59dd19b709f17a3b1cdd651c8441d81900c5b7b; Download | Favorite | View

Red Hat Security Advisory 2024-0273-03: Posted Jan 22, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0273-03 - Red Hat OpenShift Virtualization release 4.12.9 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 7d6dc48a300a56764286234cc29b8a38012a8f5f7ce3342fa362205027d419fe; Download | Favorite | View

Red Hat Security Advisory 2024-0059-03: Posted Jan 10, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0059-03 - Red Hat OpenShift Container Platform release 4.11.56 is now available with updates to packages and images that fix several bugs and add enhancements.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 49c06eccca0ba467ba63ac3ed4d4b074656037fe514c0064bd2fd06e67d1d149; Download | Favorite | View

Red Hat Security Advisory 2024-0050-03: Posted Jan 10, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0050-03 - Red Hat OpenShift Container Platform release 4.14.8 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-39325; SHA-256 | 219cc50123824ca704eda09509c2069ea8c48ff967e72eee81c19e50fe57c98e; Download | Favorite | View

Page 1 of 5 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 205 files
Ubuntu 54 files
Debian 28 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 7 files
Google Security Research 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files
Jann Horn 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,023)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,346)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,586)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,464)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2023-39325

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems