PT-2023-4868 · Netty
Vietj · Published 2023-06-20 · Updated 2026-05-18 · CVE-2023-34462
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
Netty versions prior to 4.1.94.Final
Description
The issue is in Netty's SniHandler class, which can allocate up to 16 MB of heap for each channel during the TLS handshake. This can be exploited to cause a denial of service, potentially leading to an OutOfMemoryError. The SniHandler waits for the TLS handshake so that it can configure an SslHandler for the server name indicated in the ClientHello record, and it allocates a ByteBuf sized from the value defined in the ClientHello record. Normally that value should be smaller than the handshake packet, but no check is made here, so a crafted packet can make the SslClientHelloHandler allocate a large amount of memory.
Recommendations
For versions prior to 4.1.94.Final, update to version 4.1.94.Final to fix the issue. As a temporary workaround, consider configuring an idle timeout handler to prevent excessive memory allocation. Restrict access to the SniHandler to minimize the risk of exploitation. Avoid using the SniHandler without proper configuration and monitoring to prevent potential denial of service attacks.
Exploit
Fix
DoS
Allocation of Resources Without Limits
Resource Exhaustion
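The missing bound from the Description, as an added Python illustration that is not Netty's code or its fix: the TLS handshake header carries a 3-byte length that can declare just under 16 MiB, and the check below rejects an oversized declared value before any buffer is sized from it. The 16 KiB cap, the function names and the sample bytes are assumptions constructed for this example.

```python
import struct

HANDSHAKE_RECORD = 22           # TLS record content type: handshake
CLIENT_HELLO = 1                # handshake message type: ClientHello
MAX_PLAINTEXT_RECORD = 2 ** 14  # largest plaintext TLS record payload
UINT24_MAX = 0xFFFFFF           # 3-byte length field, just under 16 MiB
ASSUMED_MAX_HELLO = 16 * 1024   # assumed policy cap, not a Netty default


class HelloRejected(Exception):
    """The stream prefix is not an acceptable ClientHello."""


def declared_hello_length(prefix, max_len=ASSUMED_MAX_HELLO):
    """Return the ClientHello length declared in the handshake header.

    Returns None until 9 bytes (5 record + 4 handshake header) are present.
    Raises HelloRejected before a caller sizes any buffer from the value.
    """
    if len(prefix) < 9:
        return None
    ctype, _version, record_len = struct.unpack_from("!BHH", prefix, 0)
    if ctype != HANDSHAKE_RECORD:
        raise HelloRejected(f"record type {ctype} is not handshake")
    if record_len > MAX_PLAINTEXT_RECORD:
        raise HelloRejected(f"record length {record_len} too large")
    if prefix[5] != CLIENT_HELLO:
        raise HelloRejected(f"handshake type {prefix[5]} is not ClientHello")
    hello_len = int.from_bytes(prefix[6:9], "big")
    if hello_len > max_len:
        raise HelloRejected(f"declared length {hello_len} exceeds {max_len}")
    return hello_len


# Constructed sample prefixes: record header followed by handshake header.
SMALL = bytes([22, 3, 1, 0x00, 0xC8, 1, 0x00, 0x00, 0xC4])  # declares 196
HUGE = bytes([22, 3, 1, 0x00, 0xC8, 1, 0xFF, 0xFF, 0xFF])   # declares 16777215


def verdict(prefix, max_len=ASSUMED_MAX_HELLO):
    """Summarise the check as a string for logging."""
    try:
        n = declared_hello_length(prefix, max_len)
    except HelloRejected as exc:
        return f"reject: {exc}"
    return "need more data" if n is None else f"accept: {n} bytes"


if __name__ == "__main__":
    for name, sample in (("small", SMALL), ("huge", HUGE), ("short", SMALL[:4])):
        print(name, "->", verdict(sample))
```

Without the cap (max_len=UINT24_MAX) the second sample is accepted with its full declared length, which is the unbounded behaviour the description refers to.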
Affected Products
Linuxmint
Netty
Red Os
Suse
Ubuntu