1470750 – (CVE-2017-9789) CVE-2017-9789 httpd: Read after free in mod_http2

Bug 1470750 (CVE-2017-9789) - CVE-2017-9789 httpd: Read after free in mod_http2

Summary: CVE-2017-9789 httpd: Read after free in mod_http2

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2017-9789
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1470756
Blocks:	1470755
TreeView+	depends on / blocked

Reported:	2017-07-13 14:55 UTC by Adam Mariš
Modified:	2021-02-17 01:56 UTC (History)
CC List:	36 users (show)
Fixed In Version:	httpd 2.4.27
Clone Of:
Environment:
Last Closed:	2019-06-08 03:16:32 UTC
Embargoed:

Attachments	(Terms of Use)

Description Adam Mariš 2017-07-13 14:55:07 UTC

When under stress while closing many connections, the HTTP/2 handling code would sometimes access memory after it has been freed, resulting in potentially erratic behaviour.

Affected version: 2.4.26

External References:

https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27

Comment 1 Adam Mariš 2017-07-13 15:02:30 UTC

Created httpd tracking bugs for this issue:

Affects: fedora-all [bug 1470756]

Comment 2 Stefan Cornelius 2017-07-20 09:10:19 UTC

Patch:
http://svn.apache.org/viewvc?view=revision&revision=1800774

Note You need to log in before you can comment on or make changes to this bug.

apmukher
bmaxwell
cdewolf
chazlett
csutherl
darran.lofthouse
dimitris
dosoudil
fgavrilo
gzaronik
hhorak
jawilson
jclere
jdoyle
jkaluza
jondruse
jorton
jshepherd
lgao
luhliari
mbabacek
mturk
myarboro
pahan
pgier
pjurak
ppalaga
psakar
pslavice
rnetuka
rstancel
rsvoboda
sardella
twalsh
vtunka
weli