SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Server/CGI)  >   Apache HTTPD Vendors:   Apache Software Foundation
Apache HTTPD Write-after-free Memory Error in Processing HTTP/2 Streams Has Unspecified Impact
SecurityTracker Alert ID:  1040567
SecurityTracker URL:  http://securitytracker.com/id/1040567
CVE Reference:   CVE-2018-1302   (Links to External Site)
Updated:  Mar 26 2018
Original Entry Date:  Mar 26 2018
Impact:   Not specified
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.4.17 to 2.4.29
Description:   A vulnerability was reported in Apache HTTPD. The impact was not specified.

A remote user can send specially crafted data to cause a null pointer to be written to freed memory when shutting down an HTTP/2 stream.

The impact was not specified.

Robert Swiecki reported this vulnerability.

Impact:   The impact was not specified.
Solution:   The vendor has issued a fix (2.4.30).

The vendor advisory is available at:

http://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1302

Vendor URL:  httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1302 (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 4 2018 (Ubuntu Issues Fix) Apache HTTPD Write-after-free Memory Error in Processing HTTP/2 Streams Has Unspecified Impact
Ubuntu has issued a fix for Ubuntu Linux 18.04 LTS.



 Source Message Contents

Subject:  CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown


CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown

Severity: Low

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.4.17 to 2.4.29

Description:
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server
prior to version 2.4.30 could have written a NULL pointer potentially to an
already freed memory. The memory pools maintained by the server make this
vulnerabilty hard to trigger in usual configurations, the reporter and the team
could not reproduce it outside debug builds, so it is classified as low risk.

Mitigation:
All httpd users should upgrade to 2.4.30 or later.

Credit:
The issue was discovered by Robert Swiecki, bug found by honggfuzz

References:
https://httpd.apache.org/security/vulnerabilities_24.html
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC