{"id":"DEBIAN-CVE-2017-7652","details":"In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available (default limit typically 1024 file descriptors on Linux), then opening the configuration file will fail.","modified":"2026-03-11T07:25:39.518696Z","published":"2018-04-25T13:29:00.490Z","upstream":["CVE-2017-7652"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2017-7652"}],"affected":[{"package":{"name":"mosquitto","ecosystem":"Debian:11","purl":"pkg:deb/debian/mosquitto?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.15-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2017-7652.json"}},{"package":{"name":"mosquitto","ecosystem":"Debian:12","purl":"pkg:deb/debian/mosquitto?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.15-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2017-7652.json"}},{"package":{"name":"mosquitto","ecosystem":"Debian:13","purl":"pkg:deb/debian/mosquitto?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.15-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2017-7652.json"}},{"package":{"name":"mosquitto","ecosystem":"Debian:14","purl":"pkg:deb/debian/mosquitto?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.15-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2017-7652.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}