CVE-2017-5637: DOS attack on wchp/wchc four letter words (4lw)
Severity: moderate
Vendor:
The Apache Software Foundation
Versions Affected:
ZooKeeper 3.4.0 to 3.4.9
ZooKeeper 3.5.0 to 3.5.2
The unsupported ZooKeeper 1.x through 3.3.x versions may be also affected
Note: The 3.5 branch is still beta
Could be. What does the environment look like?
Patrick
On Thu, Oct 5, 2017 at 4:55 AM, Stevo Slavić wrote:
> I created same node/path on a different cluster and delete works, so yes,
> it seems length or characters used in the path is not an issue.
>
> What else could it be? Corrupted data?
>
>
According to the logs the reads are timing out:
java.net.SocketTimeoutException: Read timed out
this could be any number of things, networking/cpu/ - resource
starvation. For example I mentioned GC previously, did you turn on GC
logging and rule that out?
The "leaderServes" option might also