RHBA-2024%3A0599
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 as a component of MTA 7.0 for RHEL 9 | |
| Red Hat | mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 as a component of MTA 7.0 for RHEL 9 | *, mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64, * |
| Red Hat | mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64, *, mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 |
| Red Hat | mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 as a component of MTA 7.0 for RHEL 9 | *, *, mta/mta-analyzer-lsp-rhel9@sha256:5ecb233843ae369e5b7c1acae988e5a19bdc69f232df85abdfc37e921ca10e86_amd64 |
| Red Hat | mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 as a component of MTA 7.0 for RHEL 9 | *, mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64, * |
| Red Hat | mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 as a component of MTA 7.0 for RHEL 8 | mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64, mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64, mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 |
| Red Hat | mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64, mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64, * |
| Red Hat | mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64 as a component of MTA 7.0 for RHEL 9 | *, mta/mta-operator-bundle@sha256:323c8ff5f805ffbfdeef1e54208c9bf080564a8baf4b94acf9f4c98e85ebcb22_amd64, * |
| Red Hat | mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-windup-shim-rhel9@sha256:7ab7480cf40d5e71ab2b9c94f4f6e37d533209da317c70023bb82abe7216b498_amd64, *, * |
| Red Hat | mta/mta-analyzer-addon-rhel9@sha256:cdd94053c042f512f13ccf28b58c66ad2da74edb2f309f7e065ccd55570e5423_amd64 as a component of MTA 7.0 for RHEL 9 | *, *, * |
| Red Hat | mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64, mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64, mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 |
| Red Hat | mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64, mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64, * |
| Red Hat | mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 as a component of MTA 7.0 for RHEL 9 | *, mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64, mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 |
| Red Hat | mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 as a component of MTA 7.0 for RHEL 8 | *, *, mta/mta-rhel8-operator@sha256:773b71296ffb507938983d8afe563a5a7bd822c940dd3717cec8410c348d86d8_amd64 |
| Red Hat | mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 as a component of MTA 7.0 for RHEL 9 | *, *, mta/mta-hub-rhel9@sha256:b57ab84961a2ca5e2c67ed4a58d6445698d2fd195290010a2f5adf5928ce9938_amd64 |
| golang | ||
| Red Hat | mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 as a component of MTA 7.0 for RHEL 9 | *, mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64, mta/mta-cli-rhel9@sha256:394da54c8b6c523ac67ddb4643483d73c8f5d8246d480a4d326d07ae9ccd0d19_amd64 |
| Red Hat | mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 as a component of MTA 7.0 for RHEL 9 | mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64, mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64, mta/mta-ui-rhel9@sha256:74f0ab0f8f455ac4ae91e8450db2f7d3b2ce0fbccf51fea06d0444823cd32e9e_amd64 |
Timeline
- Jan 30, 2024 CVE Published
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Apr 25, 2026 Security Advisory
- Jun 19, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHBA-2024:0599 advisory
- https://issues.redhat.com/browse/MTA-1014 advisory
- https://issues.redhat.com/browse/MTA-1019 advisory
- https://issues.redhat.com/browse/MTA-1024 advisory
- https://issues.redhat.com/browse/MTA-1047 advisory
- https://issues.redhat.com/browse/MTA-1130 advisory
- https://issues.redhat.com/browse/MTA-1155 advisory
- https://issues.redhat.com/browse/MTA-1175 advisory
- https://issues.redhat.com/browse/MTA-1183 advisory
- https://issues.redhat.com/browse/MTA-1185 advisory
- https://issues.redhat.com/browse/MTA-1195 advisory
- https://issues.redhat.com/browse/MTA-1196 advisory
- https://issues.redhat.com/browse/MTA-1197 advisory
- https://issues.redhat.com/browse/MTA-1203 advisory
- https://issues.redhat.com/browse/MTA-1207 advisory
- https://issues.redhat.com/browse/MTA-1247 advisory
- https://issues.redhat.com/browse/MTA-1249 advisory
- https://issues.redhat.com/browse/MTA-1250 advisory
- https://issues.redhat.com/browse/MTA-1251 advisory
- https://issues.redhat.com/browse/MTA-1252 advisory
…and 264 more