Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2024:1786

Опубликовано: 06 мая 2024
Источник: rocky
Оценка: Important

Описание

Important: httpd:2.4/mod_http2 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: mod_http2: CONTINUATION frames DoS (CVE-2024-27316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
httpdx86_6462.module+el8.9.0+1436+2b7d5021httpd-2.4.37-62.module+el8.9.0+1436+2b7d5021.x86_64.rpm
httpd-develx86_6462.module+el8.9.0+1436+2b7d5021httpd-devel-2.4.37-62.module+el8.9.0+1436+2b7d5021.x86_64.rpm
httpd-filesystemnoarch62.module+el8.9.0+1436+2b7d5021httpd-filesystem-2.4.37-62.module+el8.9.0+1436+2b7d5021.noarch.rpm
httpd-filesystemnoarch62.module+el8.9.0+1436+2b7d5021httpd-filesystem-2.4.37-62.module+el8.9.0+1436+2b7d5021.noarch.rpm
httpd-manualnoarch62.module+el8.9.0+1436+2b7d5021httpd-manual-2.4.37-62.module+el8.9.0+1436+2b7d5021.noarch.rpm
httpd-manualnoarch62.module+el8.9.0+1436+2b7d5021httpd-manual-2.4.37-62.module+el8.9.0+1436+2b7d5021.noarch.rpm
httpd-toolsx86_6462.module+el8.9.0+1436+2b7d5021httpd-tools-2.4.37-62.module+el8.9.0+1436+2b7d5021.x86_64.rpm
mod_http2x86_648.module+el8.9.0+1370+89cc8ad5.3mod_http2-1.15.7-8.module+el8.9.0+1370+89cc8ad5.3.x86_64.rpm
mod_ldapx86_6462.module+el8.9.0+1436+2b7d5021mod_ldap-2.4.37-62.module+el8.9.0+1436+2b7d5021.x86_64.rpm
mod_mdx86_648.module+el8.9.0+1370+89cc8ad5mod_md-2.0.8-8.module+el8.9.0+1370+89cc8ad5.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-27316

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-27316

CVSS3: 7.5
ubuntu
больше 1 года назад

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

redhat логотип

CVE-2024-27316

CVSS3: 7.5
redhat
больше 1 года назад

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

nvd логотип

CVE-2024-27316

CVSS3: 7.5
nvd
больше 1 года назад

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

msrc логотип

CVE-2024-27316

CVSS3: 7.5
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2024-27316

CVSS3: 7.5
debian
больше 1 года назад

HTTP/2 incoming headers exceeding the limit are temporarily buffered i ...