A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2021-4213 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2042900 | Issue Tracking Patch Third Party Advisory |
https://github.com/dogtagpki/jss/commit/3aabe0e9d59b0a42e68ac8cd0468f9c5179967d2 | Patch Third Party Advisory |
https://github.com/dogtagpki/jss/commit/5922560a78d0dee61af8a33cc9cfbf4cfa291448 | Patch Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2021-4213 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2022-08-24T15:07:48
Updated: 2022-08-24T15:07:48
Reserved: 2022-01-25T00:00:00
Link: CVE-2021-4213
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-08-24T16:15:09.980
Modified: 2022-08-29T13:19:08.073
Link: CVE-2021-4213
JSON object: View
Redhat Information
No data.
CWE