Resolves: RHEL-45806 - mod_http2: DoS by null pointer in websocket

over HTTP/2 (CVE-2024-36387)
This commit is contained in:
Luboš Uhliarik 2024-07-09 14:37:46 +02:00
parent 2c7cd439c5
commit c11e410c28
2 changed files with 24 additions and 1 deletions

View File

@ -0,0 +1,17 @@
--- a/mod_http2/h2_c2.c 2024/06/24 17:34:59 1918556
+++ b/mod_http2/h2_c2.c 2024/06/24 17:51:42 1918557
@@ -370,6 +370,13 @@
h2_conn_ctx_t *conn_ctx = h2_conn_ctx_get(f->c);
apr_status_t rv;
+ if (bb == NULL) {
+#if !AP_MODULE_MAGIC_AT_LEAST(20180720, 1)
+ f->c->data_in_output_filters = 0;
+#endif
+ return APR_SUCCESS;
+ }
+
ap_assert(conn_ctx);
#if AP_HAS_RESPONSE_BUCKETS
if (!conn_ctx->has_final_response) {

View File

@ -3,7 +3,7 @@
Name: mod_http2
Version: 2.0.26
Release: 2%{?dist}
Release: 3%{?dist}
Summary: module implementing HTTP/2 for Apache 2
License: ASL 2.0
URL: https://icing.github.io/mod_h2/
@ -14,6 +14,8 @@ Source0: https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2
#
# https://bugzilla.redhat.com/show_bug.cgi?id=2268277
Patch100: mod_http2-2.0.26-CVE-2024-27316.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2295006
Patch101: mod_http2-2.0.26-CVE-2024-36387.patch
BuildRequires: make
BuildRequires: gcc
@ -53,6 +55,10 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{
%{_httpd_moddir}/mod_proxy_http2.so
%changelog
* Tue Jul 09 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.0.26-3
- Resolves: RHEL-45806 - mod_http2: DoS by null pointer in websocket
over HTTP/2 (CVE-2024-36387)
* Fri Apr 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.0.26-2
- Resolves: RHEL-31855 - mod_http2: httpd: CONTINUATION frames
DoS (CVE-2024-27316)