Denial of Service via excessive resource consumption during certificate verification
Summary
Denial of Service via excessive resource consumption during certificate verification. Red Hat rates this moderate (CVSS 5.3). Weakness: CWE-407. Affected package(s): rhpam, rhaiis/vllm-rocm-rhel9:1778244531, gnutls-main, discovery/discovery-server-rhel9:1775668717, insights-proxy/insights-proxy-container-rhel9:1773685509, rhui5/rhua-rhel9:1773670137. Resolved in Red Hat advisory RHSA-2026:6618 — update the affected packages (`sudo dnf update`).
- rhpam-7/rhpam-controller-rhel8:7.13.5-4.1777325710
- rhpam-7/rhpam-kieserver-rhel8:7.13.5-4.1777325709
- rhaiis/vllm-rocm-rhel9:1778244531
- gnutls-main-3.8.12-1.1.hum1
- discovery/discovery-server-rhel9:1775668717
- insights-proxy/insights-proxy-container-rhel9:1773685509
- rhui5/rhua-rhel9:1773670137
- libtasn1-0:4.13-3.el8_6.2
- rhpam-7/rhpam-smartrouter-rhel8:7.13.5-4.1777325708
- libtasn1-0:4.13-4.el8_8.1
- rhpam-7/rhpam-businesscentral-monitoring-rhel8:7.13.5-4.1777325677
- rhaiis/vllm-rocm-rhel9:1775680262
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
- RHSA-2026:6618
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:6618 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.