Bug 1216169

Summary: VUL-0: netty: protect against DDOS caused by RST floods (CVE-2023-44487)
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: meissner
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/381677/
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1216123    

Description Alexander Bergmann 2023-10-12 10:53:56 UTC 
The netty code was improved to protected against possible RST floods

Upstream commit:
https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61

We are tracking all "HTTP/2 Rapid Reset Attack" related bugs within bsc#1216123.
Comment 2 Maintenance Automation 2023-10-24 12:30:13 UTC 
SUSE-SU-2023:4163-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1216169
CVE References: CVE-2023-44487
Sources used:
Development Tools Module 15-SP4 (src): netty-tcnative-2.0.62-150200.3.16.1
Development Tools Module 15-SP5 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Package Hub 15 15-SP5 (src): netty-4.1.100-150200.4.20.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): netty-tcnative-2.0.62-150200.3.16.1
SUSE Enterprise Storage 7.1 (src): netty-tcnative-2.0.62-150200.3.16.1
openSUSE Leap 15.4 (src): netty-tcnative-2.0.62-150200.3.16.1, netty-4.1.100-150200.4.20.1
openSUSE Leap 15.5 (src): netty-tcnative-2.0.62-150200.3.16.1, netty-4.1.100-150200.4.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 3 Maintenance Automation 2023-10-26 12:30:25 UTC 
SUSE-SU-2023:4210-1: An update that solves five vulnerabilities can now be installed.

Category: security (important)
Bug References: 1215415, 1215416, 1215417, 1216162, 1216169
CVE References: CVE-2023-36478, CVE-2023-36479, CVE-2023-40167, CVE-2023-41900, CVE-2023-44487
Sources used:
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Enterprise Storage 7.1 (src): jetty-minimal-9.4.53-150200.3.22.1
openSUSE Leap 15.4 (src): jetty-minimal-9.4.53-150200.3.22.1
openSUSE Leap 15.5 (src): jetty-minimal-9.4.53-150200.3.22.1
Development Tools Module 15-SP4 (src): jetty-minimal-9.4.53-150200.3.22.1
Development Tools Module 15-SP5 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): jetty-minimal-9.4.53-150200.3.22.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): jetty-minimal-9.4.53-150200.3.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 4 Fridrich Strba 2024-03-05 09:25:31 UTC 
Fixed, please close.
Comment 6 Thomas Leroy 2024-05-07 07:46:41 UTC 
All done, closing.