Denial of Service via crafted WireFormatInfo frame
Summary
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes the broker to attempt allocation during pre-auth negotiation which can trigger OOM and crash the broker. This issue affects Apache ActiveMQ Client: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ: before 5.19.8, from 6.0.0 before 6.2.7; Apache ActiveMQ All: before 5.19.8, from 6.0.0 before 6.2.7. Users are recommended to upgrade to version 6.2.7 or 5.19.8, which fixes the issue. A flaw was found in Apache ActiveMQ. An unauthenticated network attacker can exploit this vulnerability by sending a specially crafted WireFormatInfo frame with an excessively large size value. This unvalidated value causes the broker to attempt an oversized memory allocation during pre-authentication negotiation. Consequently, this can lead to an Out Of Memory (OOM) error, resulting in a Denial of Service (DoS) and crashing the broker. A flaw was found in Apache ActiveMQ Classic's OpenWire protocol handling. An unauthenticated remote attacker can crash the broker by sending a crafted WireFormatInfo frame with a malicious oversized value during pre-authentication protocol negotiation, causing an Out of Memory condition. Red Hat AMQ Broker is based on Apache ActiveMQ Artemis, but its OpenWire protocol support delegates wire format negotiation to Classic ActiveMQ's activemq-client code, which is vulnerable to this attack on the OpenWire listener port. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships. Will not fix / out of support: Red Hat Fuse 7.
Mitigation checklist
- Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Official advisory · high-confidence parse· fetched 1 hour ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.