CVE-2023-3223: Undertow: outofmemoryerror due to @multipartconfig handling
First published: Wed May 24 2023(Updated: )
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Undertow | <2.2.24 | |
| Redhat Openshift Container Platform | =4.11 | |
| Redhat Openshift Container Platform | =4.12 | |
| Redhat Openshift Container Platform For Ibm Linuxone | =4.9 | |
| Redhat Openshift Container Platform For Ibm Linuxone | =4.10 | |
| Redhat Openshift Container Platform For Power | =4.9 | |
| Redhat Openshift Container Platform For Power | =4.10 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Jboss Enterprise Application Platform Text-only Advisories | ||
| Redhat Single Sign-on | ||
| Redhat Single Sign-on | =7.6 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =9.0 | |
| Redhat Jboss Enterprise Application Platform | =7.4 | |
| maven/io.undertow:undertow-parent | <2.2.24.Final | 2.2.24.Final |
| redhat/undertow | <2.2.24 | 2.2.24 |
| All of | ||
| Any of | ||
| Redhat Openshift Container Platform | =4.11 | |
| Redhat Openshift Container Platform | =4.12 | |
| Redhat Openshift Container Platform For Ibm Linuxone | =4.9 | |
| Redhat Openshift Container Platform For Ibm Linuxone | =4.10 | |
| Redhat Openshift Container Platform For Power | =4.9 | |
| Redhat Openshift Container Platform For Power | =4.10 | |
| Redhat Enterprise Linux | =8.0 | |
| All of | ||
| Redhat Single Sign-on | =7.6 | |
| Any of | ||
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| All of | ||
| Redhat Jboss Enterprise Application Platform | =7.4 | |
| Any of | ||
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| <2.2.24 | ||
| All of | ||
| Any of | ||
| =4.11 | ||
| =4.12 | ||
| =4.9 | ||
| =4.10 | ||
| =4.9 | ||
| =4.10 | ||
| =8.0 | ||
| All of | ||
| =7.6 | ||
| Any of | ||
| =7.0 | ||
| =8.0 | ||
| =9.0 | ||
| All of | ||
| =7.4 | ||
| Any of | ||
| =7.0 | ||
| =8.0 | ||
| =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2023:4505
- https://access.redhat.com/errata/RHSA-2023:4506
- https://access.redhat.com/errata/RHSA-2023:4507
- https://access.redhat.com/errata/RHSA-2023:4509
- https://access.redhat.com/errata/RHSA-2023:4918
- https://access.redhat.com/errata/RHSA-2023:4919
- https://access.redhat.com/errata/RHSA-2023:4920
- https://access.redhat.com/errata/RHSA-2023:4921
- https://access.redhat.com/errata/RHSA-2023:4924
- https://access.redhat.com/security/cve/CVE-2023-3223
- https://bugzilla.redhat.com/show_bug.cgi?id=2209689
- https://access.redhat.com/errata/RHSA-2023:7247
- https://security.netapp.com/advisory/ntap-20231027-0004/
- https://nvd.nist.gov/vuln/detail/CVE-2023-3223
- https://security.netapp.com/advisory/ntap-20231027-0004
- https://github.com/advisories/GHSA-65h2-wf7m-q2v8 (Advisory)
- https://access.redhat.com/security/cve/cve-2023-3223
- https://access.redhat.com/errata/RHSA-2024:3354
Frequently Asked Questions
What is CVE-2023-3223?
CVE-2023-3223 is a vulnerability found in undertow where servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content, allowing unauthorized users to cause a remote Denial of Service (DoS) attack.
How severe is CVE-2023-3223?
CVE-2023-3223 has a severity rating of high.
Which software is affected by CVE-2023-3223?
The affected software includes undertow versions up to exclusive 2.2.24, Redhat Undertow, Redhat Openshift Container Platform versions 4.11 and 4.12, Redhat Openshift Container Platform For IBM Linuxone versions 4.9 and 4.10, Redhat Openshift Container Platform For Power versions 4.9 and 4.10, Redhat Single Sign-on version 7.6, Redhat Jboss Enterprise Application Platform version 7.4.
How do I fix CVE-2023-3223?
To fix CVE-2023-3223, update undertow to version 2.2.24 or undertow-parent to version 2.2.24.Final depending on the software used. For Redhat products, refer to the respective security advisories provided in the references section for more information on the fix.
Where can I find more information about CVE-2023-3223?
You can find more information about CVE-2023-3223 in the Red Hat Security Advisories: RHSA-2023:4509, RHSA-2023:4505, and RHSA-2023:4506.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-65h2-wf7m-q2v8
- alias/CVE-2023-3223
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- collector/nvd-cve
- collector/github-advisory
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- vendor/redhat
- canonical/redhat undertow
- canonical/redhat openshift container platform
- version/redhat openshift container platform/4.11
- version/redhat openshift container platform/4.12
- canonical/redhat openshift container platform for ibm linuxone
- version/redhat openshift container platform for ibm linuxone/4.9
- version/redhat openshift container platform for ibm linuxone/4.10
- canonical/redhat openshift container platform for power
- version/redhat openshift container platform for power/4.9
- version/redhat openshift container platform for power/4.10
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- canonical/redhat jboss enterprise application platform text-only advisories
- canonical/redhat single sign-on
- version/redhat single sign-on/7.6
- version/redhat enterprise linux/7.0
- version/redhat enterprise linux/9.0
- canonical/redhat jboss enterprise application platform
- version/redhat jboss enterprise application platform/7.4
- package-manager/maven
- package-manager/redhat