Уязвимость CVE-2020-11080: Информация

Описание

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS frame and the number of settings entries are large (e.g., > 32), then drop the connection.

Важность: HIGH (7,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Исправленные пакеты

Ссылки на рекомендации, решения и инструменты

1. Подверженные конфигурации:

   1. Конфигурация 1

      cpe:2.3:a:nghttp2:nghttp2:*:*:*:*:*:*:*:*

      End excliding

      1.41.0

      ---

      Конфигурация 2

      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

      ---

      Конфигурация 3

      cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

      ---

      Конфигурация 4

      cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

      ---

      cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

      ---

      Конфигурация 5

      cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:oracle:graalvm:19.3.2:*:*:*:enterprise:*:*:*

      ---

      cpe:2.3:a:oracle:graalvm:20.1.0:*:*:*:enterprise:*:*:*

      ---

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

      Start including

      8.0.0

      End including

      8.0.21

      ---

      cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

      Start including

      7.6.0

      End including

      7.6.15

      ---

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

      Start including

      7.5.0

      End including

      7.5.19

      ---

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

      Start including

      7.4.0

      End including

      7.4.29

      ---

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

      Start including

      7.3.0

      End including

      7.3.30

      ---

      cpe:2.3:a:oracle:banking_extensibility_workbench:14.4.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:oracle:banking_extensibility_workbench:14.3.0:*:*:*:*:*:*:*

      ---

      cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*

      End excliding

      21.1.2

      ---

      Конфигурация 6

      cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

      Start including

      10.0.0

      End including

      10.12.0

      ---

      cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

      Start including

      10.13.0

      End excliding

      10.21.0

      ---

      cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

      Start including

      12.0.0

      End including

      12.12.0

      ---

      cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*

      Start including

      14.0.0

      End including

      14.4.0

      ---

      cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*

      Start including

      12.13.0

      End excliding

      12.18.0

      ---