Bug 2273383 (CVE-2024-3302)

Summary: CVE-2024-3302 Mozilla: Denial of Service using HTTP/2 CONTINUATION frames
Product: [Other] Security Response Reporter: Nick Tait <ntait>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: abobrov, erack, gotiwari, jhorak, mvyas, security-response-team, tpopela
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: firefox 115.10, thunderbird 115.10 Doc Type: ---
Doc Text:
The Mozilla Foundation Security Advisory describes this flaw as: There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2268258, 2272959    

Description Nick Tait 2024-04-04 14:25:13 UTC 
Per initial information provided via VINCE:

Mozilla has reserved CVE-2024-3302 for this issue in the Gecko networking implementation; the Firefox and Thunderbird clients would be vulnerable to a DoS from a malicious server.
Comment 5 Mauro Matteo Cascella 2024-04-18 16:34:05 UTC 
This CVE has been published in the Firefox ESR 115.10 security advisory [1].

Impact: Low
Description:
There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser.

[1] https://www.mozilla.org/en-US/security/advisories/mfsa2024-19/#CVE-2024-3864
Comment 6 errata-xmlrpc 2024-04-22 08:34:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2024:1934 https://access.redhat.com/errata/RHSA-2024:1934
Comment 7 errata-xmlrpc 2024-04-22 08:35:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.8 Extended Update Support

Via RHSA-2024:1937 https://access.redhat.com/errata/RHSA-2024:1937
Comment 8 errata-xmlrpc 2024-04-22 08:41:30 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2024:1935 https://access.redhat.com/errata/RHSA-2024:1935
Comment 9 errata-xmlrpc 2024-04-22 08:44:26 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:1938 https://access.redhat.com/errata/RHSA-2024:1938
Comment 10 errata-xmlrpc 2024-04-22 08:47:07 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:1940 https://access.redhat.com/errata/RHSA-2024:1940
Comment 11 errata-xmlrpc 2024-04-22 08:49:41 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:1941 https://access.redhat.com/errata/RHSA-2024:1941
Comment 12 errata-xmlrpc 2024-04-22 08:52:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2024:1936 https://access.redhat.com/errata/RHSA-2024:1936
Comment 13 errata-xmlrpc 2024-04-22 08:53:02 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2024:1939 https://access.redhat.com/errata/RHSA-2024:1939
Comment 14 errata-xmlrpc 2024-04-23 12:29:12 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.4 Telecommunications Update Service

Via RHSA-2024:1982 https://access.redhat.com/errata/RHSA-2024:1982