Uploaded image for project: 'AMQ Streams'
  1. AMQ Streams
  2. ENTMQST-6422

CVE-2024-7254 protobuf: StackOverflow vulnerability in Protocol Buffers

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • 2.8.0.GA
    • 2.7.0.GA
    • None
    • None

      A flaw was found in Protocol Buffers (protobuf). This issue can allows an attacker to cause a StackOverflow via parsing untrusted Protocol Buffers data containing arbitrarily nested SGROUP tags, leading to unbounded recursion.

      https://access.redhat.com/security/cve/cve-2024-7254

       

            [ENTMQST-6422] CVE-2024-7254 protobuf: StackOverflow vulnerability in Protocol Buffers

            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Moderate: Streams for Apache Kafka 2.8.0 release and security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:9571

            Errata Tool added a comment - Since the problem described in this issue should be resolved in a recent advisory, it has been closed. For information on the advisory (Moderate: Streams for Apache Kafka 2.8.0 release and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2024:9571

              Unassigned Unassigned
              chfoley Christopher Foley
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: