The Solaris pollset feature in the Event Port backend in...
Moderate severity
Unreviewed
Published
May 2, 2022
to the GitHub Advisory Database
•
Updated Mar 23, 2026
Description
Published by the National Vulnerability Database
Oct 13, 2009
Published to the GitHub Advisory Database
May 2, 2022
Last updated
Mar 23, 2026
The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.
References