CVE-2019-9515 Information
Description
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html
http://seclists.org/fulldisclosure/2019/Aug/16
https://access.redhat.com/errata/RHSA-2019:2766
https://access.redhat.com/errata/RHSA-2019:2796
https://access.redhat.com/errata/RHSA-2019:2861
https://access.redhat.com/errata/RHSA-2019:2925
https://access.redhat.com/errata/RHSA-2019:2939
https://access.redhat.com/errata/RHSA-2019:2955
https://access.redhat.com/errata/RHSA-2019:3892
https://access.redhat.com/errata/RHSA-2019:4018
https://access.redhat.com/errata/RHSA-2019:4019
https://access.redhat.com/errata/RHSA-2019:4020
https://access.redhat.com/errata/RHSA-2019:4021
https://access.redhat.com/errata/RHSA-2019:4040
https://access.redhat.com/errata/RHSA-2019:4041
https://access.redhat.com/errata/RHSA-2019:4042
https://access.redhat.com/errata/RHSA-2019:4045
https://access.redhat.com/errata/RHSA-2019:4352
https://access.redhat.com/errata/RHSA-2020:0727
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
https://kb.cert.org/vuls/id/605641/
https://kc.mcafee.com/corporate/index?page=content&id=SB10296
https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4ZQGHE3WTYLYAYJEIDJVF2FIGQTAYPMC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CMNFX5MNYRWWIMO4BTKYQCGUDMHO3AXP/
https://seclists.org/bugtraq/2019/Aug/24
https://seclists.org/bugtraq/2019/Aug/43
https://seclists.org/bugtraq/2019/Sep/18
https://security.netapp.com/advisory/ntap-20190823-0005/
https://support.f5.com/csp/article/K50233772
https://support.f5.com/csp/article/K50233772?utm_source=f5support&utm_medium=RSS
https://usn.ubuntu.com/4308-1/
https://www.debian.org/security/2019/dsa-4508
https://www.debian.org/security/2019/dsa-4520
https://www.synology.com/security/advisory/Synology_SA_19_33
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
7.5
Base Severity
HIGH