https://bugzilla.redhat.com/show_bug.cgi?id=2130599
Bug ID: 2130599
Summary: CVE-2021-43980: Apache Tomcat: Information disclosure
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: high
Priority: high
Assignee: security-response-team(a)redhat.com
Reporter: amctagga(a)redhat.com
CC: alee(a)redhat.com, coolsvap(a)gmail.com,
csutherl(a)redhat.com, gzaronikas(a)gmail.com,
huwang(a)redhat.com, ivan.afonichev(a)gmail.com,
java-sig-commits(a)lists.fedoraproject.org,
krzysztof.daniel(a)gmail.com
Target Milestone: ---
Classification: Other
Severity: important
Description:
The simplified implementation of blocking reads and writes introduced in
Tomcat 10 and back-ported to Tomcat 9.0.47 onwards exposed a long
standing (but extremely hard to trigger) concurrency bug in Apache
Tomcat 10.1.0 to 10.1.0-M12, 10.0.0-M1 to 10.0.18, 9.0.0-M1 to 9.0.60
and 8.5.0 to 8.5.77 that could cause client connections to share an
Http11Processor instance resulting in responses, or part responses, to
be received by the wrong client.
Credit:
Thanks to Adam Thomas, Richard Hernandez and Ryan Schmitt for
discovering the issue and working with the Tomcat security team to
identify the root cause and appropriate fix.
References:
https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2130599