An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
History

Wed, 09 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:service_interconnect:1.4::el8
cpe:/a:redhat:service_interconnect:1.4::el9

Thu, 26 Sep 2024 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhmt
CPEs cpe:/a:redhat:rhmt:1.8::el8
Vendors & Products Redhat rhmt

Fri, 06 Sep 2024 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Builds
CPEs cpe:/a:redhat:openshift:4.16::el9
cpe:/a:redhat:openshift_builds:1.1::el9
Vendors & Products Redhat openshift Builds

cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published: 2024-04-04T20:37:30.714Z

Updated: 2024-08-26T20:40:01.996Z

Reserved: 2023-10-06T17:06:26.221Z

Link: CVE-2023-45288

cve-icon Vulnrichment

Updated: 2024-08-02T20:21:15.329Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-04T21:15:16.113

Modified: 2024-11-21T08:26:42.380

Link: CVE-2023-45288

cve-icon Redhat

Severity : Important

Publid Date: 2024-04-03T00:00:00Z

Links: CVE-2023-45288 - Bugzilla