Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Related bugs and status

CVE-2023-44487 (Candidate) is related to these bugs:

Bug #2045544: [Debian] High CVE: CVE-2023-44487 nghttp2 - denial of service

Summary				In	Importance	Status
	2045544	[Debian] High CVE: CVE-2023-44487 nghttp2 - denial of service		StarlingX	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

DEBIAN: DSA-5521
DEBIAN: DSA-5522
MISC: https://blog.qualys.co...
MISC: https://github.com/adv...
MISC: https://github.com/apa...
MISC: https://github.com/dot...
MISC: https://github.com/kaz...
MISC: https://github.com/kaz...
MISC: https://github.com/kub...
MISC: https://github.com/ope...
MISC: https://github.com/oqt...
MISC: https://lists.apache.o...
MISC: https://martinthomson....
MISC: https://netty.io/news/...
MISC: https://news.ycombinat...
MISC: https://seanmonstar.co...
MISC: https://tomcat.apache....
MISC: https://www.cisa.gov/n...
MISC: https://www.haproxy.co...
MISC: https://www.openwall.c...
MISC: https://www.theregiste...
MISC: https://aws.amazon.com...
MISC: https://blog.cloudflar...
MISC: https://blog.cloudflar...
MISC: https://bugzilla.proxm...
MISC: https://cgit.freebsd.o...
MISC: https://cloud.google.c...
MISC: https://cloud.google.c...
MISC: https://edg.io/lp/blog...
MISC: https://forums.swift.o...
MISC: https://gist.github.co...
MISC: https://github.com/adv...
MISC: https://github.com/ali...
MISC: https://github.com/apa...
MISC: https://github.com/apa...
MISC: https://github.com/bcd...
MISC: https://github.com/cad...
MISC: https://github.com/dot...
MISC: https://github.com/ecl...
MISC: https://github.com/env...
MISC: https://github.com/fac...
MISC: https://github.com/gol...
MISC: https://github.com/grp...
MISC: https://github.com/h2o...
MISC: https://github.com/h2o...
MISC: https://github.com/hap...
MISC: https://github.com/ici...
MISC: https://github.com/mic...
MISC: https://github.com/mic...
MISC: https://github.com/net...
MISC: https://github.com/ngh...
MISC: https://github.com/ngh...
MISC: https://github.com/nod...
MISC: https://groups.google....
MISC: https://mailman.nginx....
MISC: https://msrc.microsoft...
MISC: https://msrc.microsoft...
MISC: https://my.f5.com/mana...
MISC: https://news.ycombinat...
MISC: https://news.ycombinat...
MISC: https://news.ycombinat...
MISC: https://openssf.org/bl...
MISC: https://www.bleepingco...
MISC: https://www.nginx.com/...
MISC: https://www.phoronix.c...
MISC: https://access.redhat....
MISC: https://blog.litespeed...
MISC: https://blog.vespa.ai/...
MISC: https://bugzilla.redha...
MISC: https://bugzilla.suse....
MISC: https://community.trae...
MISC: https://github.com/adv...
MISC: https://github.com/apa...
MISC: https://github.com/etc...
MISC: https://github.com/jun...
MISC: https://github.com/lin...
MISC: https://github.com/lin...
MISC: https://github.com/nin...
MISC: https://github.com/pro...
MISC: https://github.com/tem...
MISC: https://github.com/var...
MISC: https://istio.io/lates...
MISC: https://ubuntu.com/sec...
MISC: https://www.darkreadin...
MISC: https://github.com/Azu...
MISC: https://github.com/Kon...
MISC: https://github.com/akk...
MISC: https://github.com/apa...
MISC: https://github.com/ark...
MISC: https://github.com/cad...
MISC: https://github.com/ope...
MISC: https://security.paloa...
MISC: https://www.netlify.co...
MISC: https://arstechnica.co...
MISC: https://lists.w3.org/A...
MLIST: [debian-lts-announce] ...
MLIST: [oss-security] 2023101...
MLIST: [oss-security] 2023101...
FEDORA: FEDORA-2023-ed2642fd58
MISC: https://linkerd.io/202...
CONFIRM: https://security.netap...
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...
MLIST: [oss-security] 2023101...
MLIST: [oss-security] 2023101...
FEDORA: FEDORA-2023-54fadada12
FEDORA: FEDORA-2023-5ff7bf1dd8
MLIST: [oss-security] 2023101...
MLIST: [oss-security] 2023102...
FEDORA: FEDORA-2023-0259c3f26f
FEDORA: FEDORA-2023-17efd3f2cd
FEDORA: FEDORA-2023-2a9214af5f
FEDORA: FEDORA-2023-d5030c983c
FEDORA: FEDORA-2023-4d2fd884ea
FEDORA: FEDORA-2023-e9c04d81c1
FEDORA: FEDORA-2023-f66fc0f62a
FEDORA: FEDORA-2023-b2c50535cb
FEDORA: FEDORA-2023-4bf641255e
FEDORA: FEDORA-2023-fe53e13b5b
DEBIAN: DSA-5540
MLIST: [debian-lts-announce] ...
MLIST: [debian-lts-announce] ...
MISC: https://discuss.hashic...
FEDORA: FEDORA-2023-1caffb88af
FEDORA: FEDORA-2023-3f70b8d406
FEDORA: FEDORA-2023-7934802344
FEDORA: FEDORA-2023-7b52921cae
FEDORA: FEDORA-2023-822aab0a5a
FEDORA: FEDORA-2023-dbe64661af
DEBIAN: DSA-5549
MLIST: [debian-lts-announce] ...
FEDORA: FEDORA-2023-492b7be466
FEDORA: FEDORA-2023-c0c6a91330
DEBIAN: DSA-5558
MLIST: [debian-lts-announce] ...
GENTOO: GLSA-202311-09
DEBIAN: DSA-5570
CONFIRM: https://security.netap...