Impact: Important Public Date: 2019-08-13 CWE: CWE-400 Bugzilla: 1741864: CVE-2019-9516 HTTP/2: 0-length headers leads to denial of service Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2019-9516 from the MITRE CVE dictionary dictionary and NIST NVD.
NOTE: The following CVSS v3 metrics and score provided are preliminary and subject to review.
CVSS3 Base Score | 6.5 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Attack Vector | Network |
Attack Complexity | Low |
Privileges Required | Low |
User Interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity Impact | None |
Availability Impact | High |
Platform | Package | State |
---|---|---|
Red Hat JBoss Web Server 3.0 | httpd | Under investigation |
Red Hat Enterprise Linux 8 | httpd | Under investigation |
Red Hat Enterprise Linux 7 | httpd | Under investigation |
Red Hat Enterprise Linux 6 | httpd | Under investigation |
Red Hat Enterprise Linux 5 | httpd | Under investigation |