CVE-2024-1394: Missing Release of Memory after Effective Lifetime in Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey and ctx will be nil inside the deferred function that should free them.
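The defect described above is a general Go pitfall, not something specific to OpenSSL bindings: a deferred cleanup that reads named return values sees whatever the `return` statement assigned, so `return nil, nil, err` wipes the handles before the cleanup runs. The following is an added illustration written for this page, not code from golang-fips/openssl. The `handle` type and its `free` method are a hypothetical stand-in for the C-allocated EVP objects, and the allocation counters are constructed purely so the leak can be observed without CGO. `setupLeaky` reproduces the faulty pattern; `setupFixed` shows one correct alternative that tracks the handles in local variables the deferred function closes over.

```go
package main

import (
	"errors"
	"fmt"
)

// handle is a hypothetical stand-in for an explicitly released C object
// (such as an EVP_PKEY or EVP_PKEY_CTX); it is not the library's own type.
type handle struct{ name string }

// Constructed counters so the demo can observe whether cleanup ran.
var allocated, freed int

func newHandle(name string) *handle {
	allocated++
	return &handle{name: name}
}

func (h *handle) free() { freed++ }

// setupLeaky reproduces the advisory's defect. The deferred function checks
// the named return values, but every error path does `return nil, nil, err`,
// which sets pkey and ctx to nil *before* the deferred function executes.
func setupLeaky(failAt string) (pkey, ctx *handle, err error) {
	defer func() {
		if err != nil {
			if ctx != nil {
				ctx.free()
			}
			if pkey != nil {
				pkey.free()
			}
		}
	}()
	pkey = newHandle("pkey")
	if failAt == "pkey" {
		return nil, nil, errors.New("simulated key setup failure") // pkey leaks
	}
	ctx = newHandle("ctx")
	if failAt == "ctx" {
		return nil, nil, errors.New("simulated ctx init failure") // pkey and ctx leak
	}
	return pkey, ctx, nil
}

// setupFixed keeps the handles in locals that the deferred closure captures,
// so cleanup no longer depends on what the return statement assigned. The
// caller still receives nil handles on error, as with the original signature.
func setupFixed(failAt string) (*handle, *handle, error) {
	var pkey, ctx *handle
	var err error
	defer func() {
		if err == nil {
			return // success: ownership passes to the caller
		}
		if ctx != nil {
			ctx.free()
		}
		if pkey != nil {
			pkey.free()
		}
	}()
	pkey = newHandle("pkey")
	if failAt == "pkey" {
		err = errors.New("simulated key setup failure")
		return nil, nil, err
	}
	ctx = newHandle("ctx")
	if failAt == "ctx" {
		err = errors.New("simulated ctx init failure")
		return nil, nil, err
	}
	return pkey, ctx, nil
}

// leakedAfter runs one setup attempt and reports how many handles were
// never released. On success the caller owns the handles and frees them.
func leakedAfter(setup func(string) (*handle, *handle, error), failAt string) int {
	allocated, freed = 0, 0
	pkey, ctx, err := setup(failAt)
	if err == nil {
		ctx.free()
		pkey.free()
	}
	return allocated - freed
}

func main() {
	for _, failAt := range []string{"pkey", "ctx", ""} {
		fmt.Printf("failAt=%q leaky=%d fixed=%d\n", failAt,
			leakedAfter(setupLeaky, failAt), leakedAfter(setupFixed, failAt))
	}
}
```

Running the block prints a non-zero leak count for the faulty version on both error paths and zero for the fixed version, which is exactly the per-request growth an attacker-triggered error path would produce in the real code. Note that a bare `return` with named results would also let the cleanup run, but it would hand the caller pointers to already-freed objects; capturing locals keeps the error contract and the cleanup independent.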
AI Analysis
Technical Summary
CVE-2024-1394 is a vulnerability identified in the Red Hat Ansible Automation Platform 2.4 running on RHEL 8, stemming from a memory leak in the RSA encryption/decryption code implemented in Golang. Specifically, the issue lies in the handling of memory objects 'pkey' and 'ctx' within the function located at github.com/golang-fips/openssl/openssl/rsa.go#L113. The function uses named return parameters and a deferred cleanup function intended to free these objects if an error occurs during context initialization or property setting. However, all error-related return statements follow a pattern ('return nil, nil, fail(...)') that results in 'pkey' and 'ctx' being nil when the deferred cleanup runs, preventing proper memory release. This leads to a memory leak that can be triggered by attacker-controlled inputs, causing resource exhaustion on the affected system. The vulnerability does not impact confidentiality or integrity but severely affects availability by enabling denial of service conditions. It can be exploited remotely without requiring authentication or user interaction. Although no known exploits are currently reported in the wild, the vulnerability has a CVSS 3.1 score of 7.5, indicating high severity. The flaw affects automation platforms critical for IT orchestration, making it a significant risk for enterprise environments relying on Red Hat Ansible Automation Platform 2.4 on RHEL 8.
Potential Impact
The primary impact of CVE-2024-1394 is on system availability due to potential resource exhaustion from memory leaks. For European organizations, especially those using Red Hat Ansible Automation Platform 2.4 on RHEL 8 for automating IT workflows, this vulnerability could lead to denial of service conditions, disrupting critical automation tasks and operational continuity. The absence of confidentiality or integrity impact means data breaches or manipulation are unlikely; however, operational disruptions can cause significant business impact, including downtime, delayed deployments, and increased operational costs. Large-scale or heavily automated environments are particularly vulnerable as repeated exploitation can rapidly consume system memory. Additionally, the vulnerability can be exploited remotely without authentication or user interaction, increasing the risk of widespread disruption. Organizations in sectors with high reliance on automation platforms, such as finance, telecommunications, and manufacturing, may face amplified operational risks.
Mitigation Recommendations
1. Monitor Red Hat and Golang project advisories closely and apply official patches or updates for Red Hat Ansible Automation Platform 2.4 and underlying Golang libraries as soon as they become available.
2. Implement resource usage monitoring and alerting specifically for memory consumption on systems running the affected platform to detect abnormal increases indicative of exploitation attempts.
3. Employ network-level protections such as rate limiting and traffic filtering to reduce exposure to potentially malicious inputs targeting the RSA encryption functions.
4. Isolate critical automation infrastructure within segmented network zones to limit the blast radius of potential denial of service attacks.
5. Conduct regular vulnerability assessments and penetration testing focusing on automation platforms to identify and remediate memory leak or resource exhaustion issues proactively.
6. Consider temporary workarounds such as restarting affected services periodically to release leaked memory until patches are applied.
7. Educate system administrators and DevOps teams about the vulnerability and encourage prompt incident response readiness.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2024-02-09T06:02:35.056Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d9816c4522896dcbd66f4
Added to database: 5/21/2025, 9:08:38 AM
Last enriched: 11/13/2025, 11:17:12 PM
Last updated: 11/30/2025, 8:40:24 PM