DEBIAN-CVE-2021-31618
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2021-31618
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2021-31618.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2021-31618
- Upstream
- Published
- 2021-06-15T09:15:07Z
- Modified
- 2025-09-19T06:27:01Z
- Summary
- [none]
- Details
-
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.
- References
Affected packages
Debian:11 / apache2
Package
- Name
- apache2
- Purl
- pkg:deb/debian/apache2?arch=source
Debian:12 / apache2
Package
- Name
- apache2
- Purl
- pkg:deb/debian/apache2?arch=source
Debian:13 / apache2
Package
- Name
- apache2
- Purl
- pkg:deb/debian/apache2?arch=source
Debian:14 / apache2
Package
- Name
- apache2
- Purl
- pkg:deb/debian/apache2?arch=source