CVE-2018-10237

medium

Description

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

References

https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion

https://access.redhat.com/errata/RHSA-2018:2428

https://access.redhat.com/errata/RHSA-2018:2425

https://access.redhat.com/errata/RHSA-2018:2424

https://access.redhat.com/errata/RHSA-2018:2423

https://access.redhat.com/errata/RHSA-2018:2598

https://access.redhat.com/errata/RHSA-2018:2643

https://access.redhat.com/errata/RHSA-2018:2743

https://access.redhat.com/errata/RHSA-2018:2742

https://access.redhat.com/errata/RHSA-2018:2741

https://access.redhat.com/errata/RHSA-2018:2740

http://www.securitytracker.com/id/1041707

https://access.redhat.com/errata/RHSA-2018:2927

https://lists.apache.org/thread.html/[email protected]%3Chdfs-dev.hadoop.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommon-dev.hadoop.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cgitbox.activemq.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cassandra.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.activemq.apache.org%3E

https://access.redhat.com/errata/RHSA-2019:2858

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://access.redhat.com/errata/RHSA-2019:3149

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cusers.kafka.apache.org%3E

https://www.oracle.com/security-alerts/cpuapr2020.html

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.syncope.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommon-dev.hadoop.apache.org%3E

https://www.oracle.com/security-alerts/cpujul2020.html

https://lists.apache.org/thread.html/[email protected]%3Cuser.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.lucene.apache.org%3E

https://www.oracle.com/security-alerts/cpujan2021.html

https://lists.apache.org/thread.html/[email protected]%3Cissues.maven.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.flink.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.samza.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.storm.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cgithub.arrow.apache.org%3E

https://www.oracle.com/security-alerts/cpuoct2021.html

https://security.netapp.com/advisory/ntap-20220629-0008/

Details

Source: MITRE

Published: 2018-04-26

Updated: 2022-06-29

Type: CWE-770

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM