CVE & CISA-KEV Catalog

CVE-2024-8447

MEDIUM
5.9
CVSS v3
NVD

Description

A security issue was discovered in the LRA Coordinator component of Narayana. When Cancel is called in LRA, an execution time of approximately 2 seconds occurs. If Join is called with the same LRA ID within that timeframe, the application may crash or hang indefinitely, leading to a denial of service.

How to fix

Remediation Available
eap8-eap-product-conf-parentRocky
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
eap8-eap-product-conf-parentRed Hat / RHEL
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
eap8-eap-product-conf-wildfly-ee-feature-packRed Hat / RHEL
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
eap8-eap-product-conf-wildfly-ee-feature-packRocky
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el8eapRHSA-2025:3357
Fixed in:0:800.6.1-1.GA_redhat_00001.1.el9eapRHSA-2025:3357
eap8-nettyRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-nettyRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-bufferRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-bufferRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codecRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codecRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-dnsRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-dnsRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-httpRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-httpRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-socksRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-codec-socksRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-commonRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-commonRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-handlerRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-handlerRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-handler-proxyRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-handler-proxyRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-resolverRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-resolverRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-resolver-dnsRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-resolver-dnsRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transportRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transportRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-classes-epollRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-classes-epollRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-epollRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-epollRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-epoll-debuginfoRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-epoll-debuginfoRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-unix-commonRocky
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-netty-transport-native-unix-commonRed Hat / RHEL
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el8eapRHSA-2025:3357
Fixed in:0:4.1.119-1.Final_redhat_00002.1.el9eapRHSA-2025:3357
eap8-slf4jRocky
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
eap8-slf4jRed Hat / RHEL
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
eap8-slf4j-apiRed Hat / RHEL
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
eap8-slf4j-apiRocky
Fixed in:0:2.0.16-2.redhat_00003.1.el8eapRHSA-2025:3357
Fixed in:0:2.0.16-2.redhat_00003.1.el9eapRHSA-2025:3357
eap8-wildflyRed Hat / RHEL
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildflyRocky
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk11Red Hat / RHEL
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk11Rocky
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk17Rocky
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk17Red Hat / RHEL
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk21Red Hat / RHEL
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-java-jdk21Rocky
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-modulesRed Hat / RHEL
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357
eap8-wildfly-modulesRocky
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el8eapRHSA-2025:3357
Fixed in:0:8.0.6-15.GA_redhat_00009.1.el9eapRHSA-2025:3357

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.61%probability of exploitation in 30 days
45thpercentile

Moderate risk: more likely to be exploited than 45% of all known CVEs.

References

Embed a live status badge for CVE-2024-8447
CVE-2024-8447 severity badge

Markdown

[![CVE-2024-8447](https://tridentstack.com/cve/badge/CVE-2024-8447.svg)](https://tridentstack.com/cve/CVE-2024-8447)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-8447"><img src="https://tridentstack.com/cve/badge/CVE-2024-8447.svg" alt="CVE-2024-8447"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-05-14.