Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-9512

Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.

See the

CVE page on Mitre.org for more details.

References

CERT-VN: VU#605641
MISC: https://github.com/Net...
MLIST: [trafficserver-announc...
MLIST: [trafficserver-dev] 20...
MLIST: [trafficserver-users] ...
BUGTRAQ: 20190814 APPLE-SA-2019...
FULLDISC: 20190816 APPLE-SA-2019...
CONFIRM: https://www.synology.c...
BUGTRAQ: 20190819 [SECURITY] [D...
CONFIRM: https://support.f5.com...
DEBIAN: DSA-4503
MLIST: [oss-security] 2019081...
CONFIRM: https://security.netap...
CONFIRM: https://security.netap...
CONFIRM: https://security.netap...
FEDORA: FEDORA-2019-5a6a7bc12c
FEDORA: FEDORA-2019-6a2980de56
SUSE: openSUSE-SU-2019:2000
BUGTRAQ: 20190825 [SECURITY] [D...
DEBIAN: DSA-4508
SUSE: openSUSE-SU-2019:2056
SUSE: openSUSE-SU-2019:2072
FEDORA: FEDORA-2019-55d101a740
FEDORA: FEDORA-2019-65db7ad6c7
SUSE: openSUSE-SU-2019:2085
REDHAT: RHSA-2019:2682
BUGTRAQ: 20190910 [SECURITY] [D...
CONFIRM: https://kc.mcafee.com/...
DEBIAN: DSA-4520
REDHAT: RHSA-2019:2594
REDHAT: RHSA-2019:2661
REDHAT: RHSA-2019:2726
SUSE: openSUSE-SU-2019:2114
SUSE: openSUSE-SU-2019:2115
REDHAT: RHSA-2019:2690
REDHAT: RHSA-2019:2766
SUSE: openSUSE-SU-2019:2130
REDHAT: RHSA-2019:2796
REDHAT: RHSA-2019:2861
REDHAT: RHSA-2019:2925
REDHAT: RHSA-2019:2939
REDHAT: RHSA-2019:2955
REDHAT: RHSA-2019:2966
CONFIRM: https://support.f5.com...
REDHAT: RHSA-2019:3131
REDHAT: RHSA-2019:2769
REDHAT: RHSA-2019:3245
REDHAT: RHSA-2019:3265
REDHAT: RHSA-2019:3892
REDHAT: RHSA-2019:3906
REDHAT: RHSA-2019:4018
REDHAT: RHSA-2019:4019
REDHAT: RHSA-2019:4020
REDHAT: RHSA-2019:4021
REDHAT: RHSA-2019:4040
REDHAT: RHSA-2019:4041
REDHAT: RHSA-2019:4042
REDHAT: RHSA-2019:4045
REDHAT: RHSA-2019:4269
REDHAT: RHSA-2019:4273
REDHAT: RHSA-2019:4352
REDHAT: RHSA-2020:0406
REDHAT: RHSA-2020:0727
UBUNTU: USN-4308-1
MLIST: [debian-lts-announce] ...

Launchpad.net

CVE 2019-9512

Related bugs

References