Description
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| unaffected |
|
||||||||
| Red Hat | CEQ 3.2 | unaffected | — | ||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Cryostat 2 on RHEL 8 | affected |
|
||||||
| Red Hat | Migration Toolkit for Runtimes 1 on RHEL 8 | affected |
|
||||||
| Red Hat | Migration Toolkit for Runtimes 1 on RHEL 8 | affected |
|
||||||
| Red Hat | Migration Toolkit for Runtimes 1 on RHEL 8 | affected |
|
||||||
| Red Hat | Migration Toolkit for Runtimes 1 on RHEL 8 | affected |
|
||||||
| Red Hat | MTA-6.2-RHEL-9 | affected |
|
||||||
| Red Hat | Red Hat AMQ Streams 2.7.0 | unaffected | — | ||||||
| Red Hat | Red Hat build of Apache Camel 4.4.1 for Spring Boot 3.2 | unaffected | — | ||||||
| Red Hat | Red Hat build of Quarkus 3.2.11.Final | affected |
|
||||||
| Red Hat | RHINT Service Registry 2.5.11 GA | unaffected | — | ||||||
| Red Hat | A-MQ Clients 2 | unaffected | — | ||||||
| Red Hat | OpenShift Serverless | unaffected | — | ||||||
| Red Hat | Red Hat AMQ Broker 7 | unaffected | — | ||||||
| Red Hat | Red Hat build of Apache Camel for Spring Boot 3 | affected | — | ||||||
| Red Hat | Red Hat Build of Keycloak | affected | — | ||||||
| Red Hat | Red Hat build of OptaPlanner 8 | affected | — | ||||||
| Red Hat | Red Hat build of Quarkus | affected | — | ||||||
| Red Hat | Red Hat Data Grid 8 | unaffected | — | ||||||
| Red Hat | Red Hat Fuse 7 | unaffected | — | ||||||
| Red Hat | Red Hat Integration Camel K 1 | affected | — | ||||||
| Red Hat | Red Hat Integration Camel Quarkus 2 | affected | — | ||||||
| Red Hat | Red Hat JBoss Data Grid 7 | affected | — | ||||||
| Red Hat | Red Hat JBoss Enterprise Application Platform 7 | unaffected | — | ||||||
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 | unaffected | — | ||||||
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | unaffected | — | ||||||
| Red Hat | Red Hat Process Automation 7 | affected | — |
No data.
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| CEQ 3.2 | |||
| vertx-core | cpe:/a:redhat:camel_quarkus:3 | RHSA-2024:1706 | 2024-04-09T00:00:00Z |
| Cryostat 2 on RHEL 8 | |||
| cryostat-tech-preview/cryostat-grafana-dashboard-rhel8:2.4.0-7 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| cryostat-tech-preview/cryostat-operator-bundle:2.4.0-4 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| cryostat-tech-preview/cryostat-reports-rhel8:2.4.0-4 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| cryostat-tech-preview/cryostat-rhel8:2.4.0-4 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| cryostat-tech-preview/cryostat-rhel8-operator:2.4.0-9 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| cryostat-tech-preview/jfr-datasource-rhel8:2.4.0-4 | cpe:/a:redhat:cryostat:2::el8 | RHSA-2024:2088 | 2024-04-29T00:00:00Z |
| Migration Toolkit for Runtimes 1 on RHEL 8 | |||
| mtr/mtr-operator-bundle:1.2-18 | cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8 | RHSA-2024:1923 | 2024-04-18T00:00:00Z |
| mtr/mtr-rhel8-operator:1.2-11 | cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8 | RHSA-2024:1923 | 2024-04-18T00:00:00Z |
| mtr/mtr-web-container-rhel8:1.2-12 | cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8 | RHSA-2024:1923 | 2024-04-18T00:00:00Z |
| mtr/mtr-web-executor-container-rhel8:1.2-10 | cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8 | RHSA-2024:1923 | 2024-04-18T00:00:00Z |
| MTA-6.2-RHEL-9 | |||
| mta/mta-windup-addon-rhel9:6.2.3-2 | cpe:/a:redhat:migration_toolkit_applications:6.2::el9 | RHSA-2024:3989 | 2024-06-20T00:00:00Z |
| Red Hat AMQ Streams 2.7.0 | |||
| vertx-core | cpe:/a:redhat:amq_streams:2 | RHSA-2024:3527 | 2024-05-30T00:00:00Z |
| Red Hat build of Apache Camel 4.4.1 for Spring Boot 3.2 | |||
| vertx-core | cpe:/a:redhat:apache_camel_spring_boot:4.4::el6 | RHSA-2024:4884 | 2024-07-25T00:00:00Z |
| Red Hat build of Quarkus 3.2.11.Final | |||
| io.vertx/vertx-core:4.4.8.redhat-00001 | cpe:/a:redhat:quarkus:3.2::el8 | RHSA-2024:1662 | 2024-04-03T00:00:00Z |
| RHINT Service Registry 2.5.11 GA | |||
| vertx-core | cpe:/a:redhat:service_registry:2.5 | RHSA-2024:2833 | 2024-05-14T00:00:00Z |
No data available yet.
Remediation
Vendor Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-1174 | A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading to memory exhaustion. This flaw allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error. |
 Github GHSA |
GHSA-9ph3-v2vh-3qx7 | Eclipse Vert.x vulnerable to a memory leak in TCP servers |
References
History
Wed, 25 Feb 2026 20:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-772 |
Wed, 25 Jun 2025 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs |
Tue, 24 Jun 2025 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:apache_camel_spring_boot:4.4::el6 |
Mon, 25 Nov 2024 05:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-400 |
Fri, 22 Nov 2024 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-1392 CWE-401 |
Thu, 19 Sep 2024 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 18 Sep 2024 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:/a:redhat:build_keycloak: |
Subscriptions
Redhat
Subscribe
A Mq Clients
Subscribe
Amq Broker
Subscribe
Amq Streams
Subscribe
Apache Camel Spring Boot
Subscribe
Build Keycloak
Subscribe
Camel Quarkus
Subscribe
Camel Spring Boot
Subscribe
Cryostat
Subscribe
Integration
Subscribe
Jboss Data Grid
Subscribe
Jboss Enterprise Application Platform
Subscribe
Jboss Enterprise Bpms Platform
Subscribe
Jboss Fuse
Subscribe
Jbosseapxp
Subscribe
Migration Toolkit Applications
Subscribe
Migration Toolkit Runtimes
Subscribe
Optaplanner
Subscribe
Quarkus
Subscribe
Serverless
Subscribe
Service Registry
Subscribe
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-02-25T19:31:07.332Z
Reserved: 2024-02-07T07:11:11.156Z
Link: CVE-2024-1300
Vulnrichment
Updated: 2024-08-01T18:33:25.527Z
NVD
Status : Awaiting Analysis
Published: 2024-04-02T08:15:53.993
Modified: 2026-02-25T20:17:16.663
Link: CVE-2024-1300
Redhat
OpenCVE Enrichment
No data.