CVE-2023-5685 : Xnio: stackoverflowexception when the chain of notifier states becomes problematically big

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2023-5685 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

Xnio: stackoverflowexception when the chain of notifier states becomes problematically big

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).

来源: 美国国家漏洞数据库 NVD

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

未加控制的资源消耗(资源穷尽)

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Red Hat XNIO 安全漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Red Hat XNIO是美国红帽（Red Hat）公司的一款底层I/O（输入/输出）框架。 Red Hat XNIO 存在安全漏洞，该漏洞源于存在堆栈溢出异常，从而导致资源管理失控和拒绝服务(DoS)。

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Red Hat	Red Hat build of Apache Camel 4.4.0 for Spring Boot	-	`cpe:/a:redhat:apache-camel-spring-boot:4.4.0`
Red Hat	Red Hat JBoss Enterprise Application Platform 7	-	`cpe:/a:redhat:jboss_enterprise_application_platform:7.4`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:3.1.16-3.SP1_redhat_00001.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:1.7.6-2.redhat_00003.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:1.68.0-1.redhat_00005.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:1.4.197-2.redhat_00005.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:2.0.15-1.Final_redhat_00001.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:3.5.10-1.Final_redhat_00001.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:7.1.8-2.GA_redhat_00002.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7	0:2.7.1-26.redhat_00015.1.ep7.el7 ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:3.4.10-1.SP1_redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:1.7.6-8.redhat_00003.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:1.4.197-3.redhat_00004.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:2.0.1-4.Final_redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:2.0.15-1.Final_redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:1.7.2-12.Final_redhat_00013.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:3.7.13-1.Final_redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:1.2.2-2.Final_redhat_00002.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:7.3.11-4.GA_redhat_00002.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:2.3.3-2.redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:2.7.1-38.redhat_00015.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7	0:2.2.3-2.redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8	0:3.8.11-1.SP1_redhat_00001.1.el8eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9	0:3.8.11-1.SP1_redhat_00001.1.el9eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9`
Red Hat	Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7	0:3.8.11-1.SP1_redhat_00001.1.el7eap ~ *	`cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7`
Red Hat	Red Hat build of Apache Camel for Spring Boot 3	-	`cpe:/a:redhat:camel_spring_boot:3`
Red Hat	Red Hat build of Apache Camel - HawtIO 4	-	`cpe:/a:redhat:apache_camel_hawtio:4`
Red Hat	Red Hat Build of Keycloak	-	`cpe:/a:redhat:build_keycloak:`
Red Hat	Red Hat Data Grid 8	-	`cpe:/a:redhat:jboss_data_grid:8`
Red Hat	Red Hat Integration Camel K 1	-	`cpe:/a:redhat:integration:1`
Red Hat	Red Hat JBoss Data Grid 7	-	`cpe:/a:redhat:jboss_data_grid:7`
Red Hat	Red Hat JBoss Enterprise Application Platform 8	-	`cpe:/a:redhat:jboss_enterprise_application_platform:8`
Red Hat	Red Hat JBoss Enterprise Application Platform Expansion Pack	-	`cpe:/a:redhat:jbosseapxp`
Red Hat	Red Hat JBoss Fuse Service Works 6	-	`cpe:/a:redhat:jboss_fuse_service_works:6`
Red Hat	Red Hat Process Automation 7	-	`cpe:/a:redhat:jboss_enterprise_bpms_platform:7`
Red Hat	Red Hat Single Sign-On 7	-	`cpe:/a:redhat:red_hat_single_sign_on:7`

二、漏洞 CVE-2023-5685 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2023-5685 的情报信息

Please 登录 to view more intelligence information

https://access.redhat.com/security/cve/CVE-2023-5685vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2241822issue-trackingx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7639vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2707vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7638vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7641vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7637vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10207vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10208vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2023-5685

四、漏洞 CVE-2023-5685 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2023-5685 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-5685 的公开POC

三、漏洞 CVE-2023-5685 的情报信息

四、漏洞 CVE-2023-5685 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2023-5685 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2023-5685 的公开POC

三、漏洞 CVE-2023-5685 的情报信息

四、漏洞 CVE-2023-5685 的评论

发表评论

一、漏洞 CVE-2023-5685 基础信息