CVE-2024-27316
Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
Los encabezados entrantes HTTP/2 que exceden el lĂmite se almacenan temporalmente en nghttp2 para generar una respuesta HTTP 413 informativa. Si un cliente no deja de enviar encabezados, esto provoca que se agote la memoria.
A vulnerability was found in how Apache httpd implements the HTTP/2 protocol. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up memory resources to cause a Denial of Service.
USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-02-23 CVE Reserved
- 2024-04-04 CVE Published
- 2024-04-13 First Exploit
- 2025-02-13 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (9)
| URL | Date | SRC |
|---|---|---|
| https://github.com/lockness-Ko/CVE-2024-27316 | 2024-04-13 | |
| https://github.com/aeyesec/CVE-2024-27316_poc | 2024-04-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://httpd.apache.org/security/vulnerabilities_24.html | 2024-07-22 | |
| https://access.redhat.com/security/cve/CVE-2024-27316 | 2024-08-08 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2268277 | 2024-08-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | >= 2.4.17 < 2.4.59 Search vendor "Apache" for product "Http Server" and version " >= 2.4.17 < 2.4.59" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 38 Search vendor "Fedoraproject" for product "Fedora" and version "38" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 39 Search vendor "Fedoraproject" for product "Fedora" and version "39" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 40 Search vendor "Fedoraproject" for product "Fedora" and version "40" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Ontap Search vendor "Netapp" for product "Ontap" | 9 Search vendor "Netapp" for product "Ontap" and version "9" | - |
Affected
| ||||||