This description was provided in the disclosure from VINCE: HTTP/2 CONTINUATION frames without the END_HEADERS flag set can be sent in a continuous stream by an attacker to an Apache Httpd implementation, which will not properly terminate the request early, causing an OOM crash. [note: edited "which will not properly append header information in memory" to "which will not properly terminate the request early" per note from Apache in VINCE]
CVE-2023-44487 is something different i think you are mixing CVE...
Created mod_http2 tracking bugs for this issue: Affects: fedora-all [bug 2273037]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:1786 https://access.redhat.com/errata/RHSA-2024:1786
Created httpd tracking bugs for this issue: Affects: fedora-all [bug 2274836]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:1872 https://access.redhat.com/errata/RHSA-2024:1872
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:2564 https://access.redhat.com/errata/RHSA-2024:2564