Описание
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cause the server to read memory that was previously freed during connection shutdown, potentially leading to a crash.
Меры по смягчению последствий
This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including "h2" or "h2c" in the "Protocols" list in a configuration file. The following command can be used to search for possible vulnerable configurations: grep -R '^\sProtocols>.<h2>' /etc/httpd/ See https://httpd.apache.org/docs/2.4/mod/mod_http2.html
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | httpd | Not affected | ||
| Red Hat Enterprise Linux 6 | httpd | Not affected | ||
| Red Hat Enterprise Linux 7 | httpd | Not affected | ||
| Red Hat JBoss Enterprise Web Server 2 | httpd | Out of support scope | ||
| Red Hat JBoss Enterprise Web Server 2 | httpd22 | Out of support scope | ||
| Red Hat JBoss Web Server 3 | httpd24 | Out of support scope | ||
| Red Hat Software Collections | httpd24-httpd | Will not fix | ||
| JBoss Core Services Apache HTTP Server 2.4.37 SP2 | httpd | Fixed | RHSA-2020:1336 | 06.04.2020 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-apr | Fixed | RHSA-2020:1337 | 06.04.2020 |
| JBoss Core Services on RHEL 6 | jbcs-httpd24-brotli | Fixed | RHSA-2020:1337 | 06.04.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the h ...
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown.
Уязвимость реализации сетевого протокола HTTP/2 веб-сервера Apache HTTP Server, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3