CVE-2024-29025
ADVISORY - githubSummary
Summary
The HttpPostRequestDecoder can be tricked to accumulate data. I have spotted currently two attack vectors
Details
- While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attacher can send a chunked post consisting of many small fields that will be accumulated in the
bodyListHttpDatalist. - The decoder cumulates bytes in the
undecodedChunkbuffer until it can decode a field, this field can cumulate data without limits
PoC
Here is a Netty branch that provides a fix + tests : https://github.com/vietj/netty/tree/post-request-decoder
Here is a reproducer with Vert.x (which uses this decoder) https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3
Impact
Any Netty based HTTP server that uses the HttpPostRequestDecoder to decode a form.
EPSS Score: 0.00056 (0.175)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Allocation of Resources Without Limits or Throttling
ADVISORY - github
Allocation of Resources Without Limits or Throttling
ADVISORY - gitlab
ADVISORY - redhat
Allocation of Resources Without Limits or Throttling
NIST
CREATED
UPDATED
ADVISORY IDCVE-2024-29025
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-5jpm-x58v-624v
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2024-29025
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-29025
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AmediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2024-29025
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-4f97-xch2-fqp3
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-6cwx-g7qh-f32h
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-7mgp-57h7-566c
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-7p98-j4rx-8p2r
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-7wc9-mhwq-jwvr
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-8j3m-v98r-qphw
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-c95w-hpgw-m6fm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-cvrj-h7rr-r975
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-cx4c-8h3v-frh7
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-cx67-5fmv-3xqf
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-hc93-8f6j-gjx4
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-hfg5-99f4-gpwm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-jx63-354g-58c6
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-mg88-xp72-r37f
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-mgv4-g226-vxr2
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-q576-4g28-x6p5
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-q64j-qccg-v8v2
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-r5f9-9h89-fvvx
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-vcc9-rm4p-6mgh
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-wgjc-48pj-2f8c
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-whmv-c3jv-fc9f
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-wqhj-xxjq-qrjf
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-x7wj-6xrg-5wpm
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-