Memory Leak Vulnerability in WildFly by Red Hat
CVE-2020-25689

5.3MEDIUM

Key Information:

Vendor: Red Hat
Status: Wildfly-core
Vendor: CVE Published:; 2 November 2020

What is CVE-2020-25689?

A memory leak issue exists in WildFly, specifically affecting all versions up to 21.0.0.Final. When the host-controller attempts to reconnect to the domain-controller, it enters a loop that creates new connections without closing the previously established ones. This can lead to exhaustive memory consumption, potentially causing an Out of Memory (OOM) condition and resulting in denial of service. Such behavior significantly impacts the availability of the system, allowing for service interruptions that can affect users and applications relying on the WildFly server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

wildfly-core up to 21.0.0.Final

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25689

https://security.netapp.com/advisory/ntap-20201123-0006/

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 2, 2020
Vulnerability Reserved
Sep 16, 2020

JSON

Red Hat

What is CVE-2020-25689?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.