
CVE-2024-6875: Missing Release of Memory after Effective Lifetime

Severity: Medium
Published: Fri Mar 28 2025 (03/28/2025, 20:34:30 UTC)
Source: CVE

Description

A vulnerability was found in the Infinispan component in Red Hat Data Grid. The REST compare API may have a buffer leak and an out of memory error can occur when sending continual requests with large POST data to the REST API.

AI-Powered Analysis

Last updated: 11/10/2025, 19:30:54 UTC

Technical Analysis

CVE-2024-6875 is a vulnerability in the Infinispan component used within Red Hat Data Grid, specifically in the REST compare API. The issue is a missing release of memory after its effective lifetime, which manifests as a buffer leak: when a client sends continual requests containing large POST data to the REST API, the server fails to free the allocated buffers, and memory consumption grows until an out-of-memory (OOM) condition occurs. The resulting memory exhaustion degrades performance or crashes the service, producing a denial of service (DoS). The vulnerability has a CVSS 3.1 base score of 6.5 (medium severity), with the vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H: it is exploitable remotely over the network with low attack complexity, requires low privileges (PR:L, meaning the attacker must already have some access to the REST API endpoint), needs no user interaction, and affects availability only, with no confidentiality or integrity impact. No exploits in the wild were known at the time of publication. The vulnerability was reserved in July 2024 and published in March 2025. No patch or mitigation links are provided in the record, so organizations should watch vendor advisories closely. The root cause is a memory-management failure in the REST compare API, which matters for applications relying on Red Hat Data Grid for distributed caching and data storage: continual large POST requests are the vector that triggers the leak and can lead to service disruption.

Potential Impact

For European organizations, the primary impact of CVE-2024-6875 is denial of service through resource exhaustion in systems running Red Hat Data Grid with the vulnerable Infinispan component. An outage disrupts applications that depend on distributed caching and data grid services, affecting business continuity and operational stability. Finance, telecommunications, and public-sector entities that rely on Red Hat Data Grid for high availability and performance may see service outages or degraded performance. Confidentiality and integrity are not directly affected, but the availability impact can indirectly affect compliance with service-level agreements and regulatory requirements on uptime and data availability. Organizations with exposed REST APIs, or that let internal users or systems send large POST requests without rate limiting, are at higher risk. The absence of known exploits reduces the immediate threat but does not remove the risk of future exploitation. The medium severity rating indicates a serious but not critical issue that still warrants prompt attention to avoid denial of service scenarios.

Mitigation Recommendations

To mitigate CVE-2024-6875, European organizations should implement the following specific measures:
1) Restrict access to the REST compare API by enforcing network segmentation and firewall rules so that only trusted internal systems or authenticated users can reach it.
2) Implement rate limiting and request size restrictions on the REST API endpoints to prevent the continual large POST requests that trigger the memory leak.
3) Monitor system memory usage and application logs for signs of memory leaks or abnormal resource consumption related to the Infinispan REST API.
4) Apply any patches or updates from Red Hat as soon as they are released; maintain close communication with Red Hat support and subscribe to its security advisories.
5) Conduct regular security assessments and penetration testing that cover API abuse and resource exhaustion scenarios.
6) Consider deploying Web Application Firewalls (WAFs) or API gateways that can detect and block anomalous request patterns against the REST API.
7) If feasible, run the Red Hat Data Grid instances in containerized or virtualized environments with resource limits to contain the impact of an exhaustion event.
These measures go beyond generic advice by focusing on API access control, traffic shaping, and proactive monitoring tailored to the vulnerability's exploitation vector.
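Items 2 and 3 above can be backed by a simple log check that turns the rate and size limits into a detection. The script below is an added example, not code from the CVE record or the Infinispan project; it assumes a proxy access log in a Combined-Log-like layout whose last field is the request body size, uses a placeholder `action=compare` marker for the compare route (adjust it to the route your deployment exposes), and flags any client whose compare POSTs within a sliding window exceed a request-count or byte threshold.

```python
"""Flag bursts of large POSTs to the Infinispan REST compare endpoint. Added example,
not part of the CVE record; log layout and the compare-route marker are assumptions."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed proxy log: client [ts] "METHOD path proto" status request_body_bytes
LOG_RE = re.compile(r'^(?P<client>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) '
                    r'(?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<bytes>\d+)$')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"
COMPARE_MARKER = "action=compare"  # assumed placeholder for the compare route

def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["bytes"] = int(rec["bytes"])
    return rec

def flag_clients(lines, window=timedelta(seconds=60), max_requests=20, max_bytes=100_000_000):
    """Map client -> (requests, body bytes) for the first sliding window in which
    that client's compare POSTs exceed either threshold; quiet clients are absent."""
    events = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and COMPARE_MARKER in rec["path"]:
            events[rec["client"]].append((rec["ts"], rec["bytes"]))
    flagged = {}
    for client, evs in events.items():
        evs.sort()
        start = 0
        for end, (ts, _) in enumerate(evs):
            while ts - evs[start][0] > window:  # drop events older than the window
                start += 1
            win = evs[start:end + 1]
            total = sum(b for _, b in win)
            if len(win) > max_requests or total > max_bytes:
                flagged[client] = (len(win), total)
                break
    return flagged

SAMPLE_LOG = [  # constructed traffic, not real: 10.0.0.5 repeats 30 MB compare POSTs
    '10.0.0.5 [28/Mar/2025:20:34:30 +0000] "POST /rest/v2/caches/orders?action=compare HTTP/1.1" 200 30000000',
    '10.0.0.5 [28/Mar/2025:20:34:35 +0000] "POST /rest/v2/caches/orders?action=compare HTTP/1.1" 200 30000000',
    '10.0.0.9 [28/Mar/2025:20:34:36 +0000] "POST /rest/v2/caches/orders?action=compare HTTP/1.1" 200 1200',
    '10.0.0.5 [28/Mar/2025:20:34:45 +0000] "POST /rest/v2/caches/orders?action=compare HTTP/1.1" 200 30000000',
    '10.0.0.5 [28/Mar/2025:20:34:50 +0000] "POST /rest/v2/caches/orders?action=compare HTTP/1.1" 200 30000000',
]
```

With the constructed sample, `flag_clients(SAMPLE_LOG)` reports 10.0.0.5 after its fourth compare POST (120 MB in under a minute) and leaves 10.0.0.9 unflagged; feed it the real proxy log and tune the thresholds to the limits you enforce at the gateway.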


Technical Details

Data Version: 5.1
Assigner Short Name: redhat
Date Reserved: 2024-07-18T05:05:19.468Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d981cc4522896dcbda3c6

Added to database: 5/21/2025, 9:08:44 AM

Last enriched: 11/10/2025, 7:30:54 PM

Last updated: 12/5/2025, 2:02:06 AM
