A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/2 stream is closed while still in use, resulting in a potentially exploitable crash. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11713
Acknowledgments: Name: the Mozilla project Upstream: Hanno Böck
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1764 https://access.redhat.com/errata/RHSA-2019:1764
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:1765 https://access.redhat.com/errata/RHSA-2019:1765
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1763 https://access.redhat.com/errata/RHSA-2019:1763
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-11713
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:1775 https://access.redhat.com/errata/RHSA-2019:1775
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2019:1777 https://access.redhat.com/errata/RHSA-2019:1777
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2019:1799 https://access.redhat.com/errata/RHSA-2019:1799