CVE-2017-5637

Priority
Description
Two four letter word commands "wchp/wchc" are CPU intensive and could cause
spike of CPU utilization on Apache ZooKeeper server if abused, which leads
to the server unable to serve legitimate client requests. Apache ZooKeeper
thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10,
3.5.3, and later.
Package
Upstream:released (3.4.5+dfsg-2+deb8u2, 3.4.9-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (3.4.10-3)
Ubuntu 18.10 (Cosmic Cuttlefish):not-affected (3.4.10-3)
Ubuntu 19.04 (Disco Dingo):not-affected (3.4.10-3)
More Information

Updated: 2019-03-26 11:23:57 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)