CVE-2018-10237

MEDIUM

Description

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

References

http://www.securitytracker.com/id/1041707

https://access.redhat.com/errata/RHSA-2018:2423

https://access.redhat.com/errata/RHSA-2018:2424

https://access.redhat.com/errata/RHSA-2018:2425

https://access.redhat.com/errata/RHSA-2018:2428

https://access.redhat.com/errata/RHSA-2018:2598

https://access.redhat.com/errata/RHSA-2018:2643

https://access.redhat.com/errata/RHSA-2018:2740

https://access.redhat.com/errata/RHSA-2018:2741

https://access.redhat.com/errata/RHSA-2018:2742

https://access.redhat.com/errata/RHSA-2018:2743

https://access.redhat.com/errata/RHSA-2018:2927

https://access.redhat.com/errata/RHSA-2019:2858

https://access.redhat.com/errata/RHSA-2019:3149

https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommon-dev.hadoop.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cassandra.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cgitbox.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Chdfs-dev.hadoop.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cuser.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.syncope.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/rc78f6e84f82cc66[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommon-dev.hadoop.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujul2020.html

Details

Source: MITRE

Published: 2018-04-26

Updated: 2020-08-14

Type: CWE-502

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM