A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-04T06:46:30.305Z

Reserved: 2019-11-27T00:00:00

Link: CVE-2020-1700

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-07T21:15:10.433

Modified: 2024-11-21T05:11:11.900

Link: CVE-2020-1700

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-01-31T16:55:00Z

Links: CVE-2020-1700 - Bugzilla

cve-icon OpenCVE Enrichment

No data.