File descriptor leak caused by JarURLConnection.getLastModified() when accessing the management console in EAP 7

Solution Verified - Updated 14 Jun 2024

Environment

Red Hat JBoss Enterprise Application Platform (EAP) 7.x

Issue

File descriptor leak happens when accessing the management console in EAP 7.x

Resolution

Apply EAP 7.1 CP3 (7.1.3) or later.
If you do not need to use the management console, you can workaround this issue by disabling the management console. See this knowledge article for details about disabling the management console.

Root Cause

This is a bug reported in Content from issues.jboss.org is not included.UNDERTOW-1338 which hits JVM's JarURLConnection.getLastModified() issue reported in Content from bugs.openjdk.java.net is not included.JDK-6956385.
This issue is also tracked at CVE-2018-1114 as a security vulnerabitly issue.

SBR

Product(s)

Red Hat JBoss Enterprise Application Platform

Components

jbossas

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.