Oval Definition:oval:org.opensuse.security:def:20222048
Revision Date:2023-06-22Version:1
Title:CVE-2022-2048
Description:

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no enough resources left to process good requests.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-2048
SUSE CVE-2022-2048
SUSE-CU-2023:712-1
SUSE-CU-2023:713-1
SUSE-CU-2023:714-1
SUSE-CU-2023:715-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Development Tools 15 SP4
SUSE Linux Enterprise Module for Development Tools 15 SP5
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND Package Information
  • jetty-http is affected
  • OR jetty-io is affected
  • OR jetty-security is affected
  • OR jetty-server is affected
  • OR jetty-servlet is affected
  • OR jetty-util is affected
  • OR jetty-util-ajax is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND Package Information
  • jetty-http is affected
  • OR jetty-io is affected
  • OR jetty-security is affected
  • OR jetty-server is affected
  • OR jetty-servlet is affected
  • OR jetty-util is affected
  • OR jetty-util-ajax is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Development Tools 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND Package Information
  • jetty-http-9.4.48-150200.3.16.3 is installed
  • OR jetty-io-9.4.48-150200.3.16.3 is installed
  • OR jetty-security-9.4.48-150200.3.16.3 is installed
  • OR jetty-server-9.4.48-150200.3.16.3 is installed
  • OR jetty-servlet-9.4.48-150200.3.16.3 is installed
  • OR jetty-util-9.4.48-150200.3.16.3 is installed
  • OR jetty-util-ajax-9.4.48-150200.3.16.3 is installed
    • BACK