Bug #2860: CVE-2013-4180 - Potential DoS in HostsController - Foreman

Actions

Copy link

Bug #2860

closed

CVE-2013-4180 - Potential DoS in HostsController

Added by Marek Hulán over 11 years ago. Updated over 11 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Marek Hulán

Category:

Security

Target version:

1.2.2

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

HostController#power and HostController#ipmi_boot convert user input to symbol which could lead to memory exhaustion. Patch already sent, so setting Ready For Testing status.

Files

0001-fixes-2860-don-t-convert-arbitrary-input-into-symbol.patch	0001-fixes-2860-don-t-convert-arbitrary-input-into-symbol.patch	2.09 KB		Dominic Cleal, 07/30/2013 01:19 PM
0001-fixes-2860-don-t-convert-arbitrary-input-into-symbol.patch	0001-fixes-2860-don-t-convert-arbitrary-input-into-symbol.patch	2.09 KB	added CVE identifier	Dominic Cleal, 08/19/2013 12:39 PM

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Custom queries

Bug #2860

CVE-2013-4180 - Potential DoS in HostsController

Updated by Dominic Cleal over 11 years ago

Updated by Marek Hulán over 11 years ago

Updated by Dominic Cleal over 11 years ago

Updated by Dominic Cleal over 11 years ago

Updated by Dominic Cleal over 11 years ago

Updated by Marek Hulán over 11 years ago