Bug 1866560 (CVE-2020-9490)
| Field | Value |
|---|---|
| Summary | CVE-2020-9490 httpd: Push diary crash on specifically crafted HTTP/2 header |
| Product | [Other] Security Response |
| Reporter | Pedro Sampaio <psampaio> |
| Component | vulnerability |
| Assignee | Red Hat Product Security <security-response-team> |
| Status | CLOSED ERRATA |
| QA Contact | |
| Severity | high |
| Docs Contact | |
| Priority | high |
| Version | unspecified |
| CC | bnater, csutherl, gandavar, gzaronik, hhorak, huzaifas, jclere, jdoyle, jorton, jwon, krathod, lgao, luhliari, mbabacek, mturk, mvanderw, myarboro, pjindal, pslavice, rsvoboda, security-response-team, weli, yozone |
| Target Milestone | --- |
| Keywords | Security |
| Target Release | --- |
| Hardware | All |
| OS | Linux |
| Whiteboard | |
| Fixed In Version | httpd 2.4.44 |
| Doc Type | If docs needed, set a value |
| Doc Text | A flaw was found in Apache httpd in versions prior to 2.4.46. A specially crafted Cache-Digest header triggers a negative argument to memmove() that could lead to a crash and denial of service. The highest threat from this vulnerability is to system availability. |
| Story Points | --- |
| Clone Of | |
| Environment | |
| Last Closed | 2020-09-10 13:17:45 UTC |
| Type | --- |
| Regression | --- |
| Mount Type | --- |
| Documentation | --- |
| CRM | |
| Verified Versions | |
| Category | --- |
| oVirt Team | --- |
| RHEL 7.3 requirements from Atomic Host | |
| Cloudforms Team | --- |
| Target Upstream Version | |
| Embargoed | |
| Bug Depends On | 1868146, 1869068, 1869069, 1869070, 1869071, 1869072, 1869073 |
| Bug Blocks | 1866566 |
Description
Pedro Sampaio
2020-08-05 21:59:45 UTC
Acknowledgments: Name: the Apache project

This vulnerability is out of security support scope for the following product:
* Red Hat JBoss Enterprise Web Server 2

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.

Created httpd tracking bugs for this issue:
Affects: fedora-all [bug 1868146]

Statement: As per upstream this flaw only affects Apache HTTP Server versions 2.4.20 to 2.4.43. Therefore only httpd packages shipped with Red Hat Enterprise Linux 8 are affected.

External References: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-9490

Mitigation: Configuring the HTTP/2 feature via "H2Push off" will mitigate this vulnerability.

This issue has been addressed in the following products:
* Red Hat Enterprise Linux 8

Via RHSA-2020:3714 https://access.redhat.com/errata/RHSA-2020:3714

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-9490

This issue has been addressed in the following products:
* Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2020:3726 https://access.redhat.com/errata/RHSA-2020:3726

This issue has been addressed in the following products:
* Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions

Via RHSA-2020:3734 https://access.redhat.com/errata/RHSA-2020:3734

This issue has been addressed in the following products:
* Red Hat Software Collections for Red Hat Enterprise Linux 7
* Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS
* Red Hat Software Collections for Red Hat Enterprise Linux 7.7 EUS
* Red Hat Software Collections for Red Hat Enterprise Linux 6

Via RHSA-2020:3733 https://access.redhat.com/errata/RHSA-2020:3733

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days