CVE-2017-12174
- Source
- https://cve.org/CVERecord?id=CVE-2017-12174
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12174.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-12174
- Aliases
- Downstream
- Published
- 2018-03-07T22:29:00.243Z
- Modified
- 2026-02-17T00:05:26.445206Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
- References
-
- https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E
- https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E
- https://access.redhat.com/errata/RHSA-2018:0268
- https://access.redhat.com/errata/RHSA-2018:0269
- https://access.redhat.com/errata/RHSA-2018:0270
- https://access.redhat.com/errata/RHSA-2018:0271
- https://access.redhat.com/errata/RHSA-2018:0275
- https://access.redhat.com/errata/RHSA-2018:0478
- https://access.redhat.com/errata/RHSA-2018:0479
- https://access.redhat.com/errata/RHSA-2018:0480
- https://access.redhat.com/errata/RHSA-2018:0481
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12174
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12174