CVE - CVE-2021-31618

CVE-ID
CVE-2021-31618	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://security.netapp.com/advisory/ntap-20210727-0008/ URL:https://security.netapp.com/advisory/ntap-20210727-0008/ DEBIAN:DSA-4937 URL:https://www.debian.org/security/2021/dsa-4937 FEDORA:FEDORA-2021-051639aad4 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NKJ3ZA3FTSZ2QBBPKS6BYGAWYRABNQQ/ FEDORA:FEDORA-2021-181f29c392 URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A73QJ4HPUMU26I6EULG6SCK67TUEXZYR/ GENTOO:GLSA-202107-38 URL:https://security.gentoo.org/glsa/202107-38 MISC:http://httpd.apache.org/security/vulnerabilities_24.html URL:http://httpd.apache.org/security/vulnerabilities_24.html MISC:https://seclists.org/oss-sec/2021/q2/206 URL:https://seclists.org/oss-sec/2021/q2/206 MISC:https://www.oracle.com/security-alerts/cpuoct2021.html URL:https://www.oracle.com/security-alerts/cpuoct2021.html MLIST:[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update URL:https://lists.debian.org/debian-lts-announce/2021/07/msg00006.html MLIST:[httpd-cvs] 20210615 svn commit: r1075782 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_24.html URL:https://lists.apache.org/thread.html/r783b6558abf3305b17ea462bed4bd66d82866438999bf38cef6d11d1@%3Ccvs.httpd.apache.org%3E MLIST:[httpd-cvs] 20210615 svn commit: r1890801 - /httpd/site/trunk/content/security/json/CVE-2021-31618.json URL:https://lists.apache.org/thread.html/r14b66ef0f4f569fd515a3f96cd4eb58bd9a8ff525cc326bb0359664f@%3Ccvs.httpd.apache.org%3E MLIST:[oss-security] 20210609 CVE-2021-31618: Apache httpd: NULL pointer dereference on specially crafted HTTP/2 request URL:http://www.openwall.com/lists/oss-security/2021/06/10/9
Assigning CNA
Apache Software Foundation
Date Record Created
20210423	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20210423)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)