Vulnerability CVE-2024-36387: Information

Description

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.

Published: July 1, 2024
Modified: July 12, 2024
Error type identifier: CWE-476

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
apache2sisyphus2.4.61-alt12.4.61-alt1ALT-PU-2024-9736-1352421Fixed
apache2sisyphus_e2k2.4.61-alt12.4.61-alt1ALT-PU-2024-10114-1-Fixed
apache2sisyphus_riscv642.4.61-alt12.4.61-alt1ALT-PU-2024-9756-1-Fixed
apache2sisyphus_loongarch642.4.61-alt12.4.61-alt1ALT-PU-2024-9761-1-Fixed
apache2p102.4.61-alt12.4.61-alt1ALT-PU-2024-10005-2352549Fixed
apache2c10f12.4.61-alt12.4.61-alt1ALT-PU-2024-10192-2352691Fixed
apache2c9f22.4.61-alt12.4.59-alt1ALT-PU-2024-10223-1352692Testing
apache2p112.4.61-alt12.4.61-alt1ALT-PU-2024-9738-2352426Fixed
apache2-mod_http2sisyphus2.0.29-alt12.0.29-alt1ALT-PU-2024-9891-1352687Fixed
apache2-mod_http2sisyphus_e2k2.0.29-alt12.0.29-alt1ALT-PU-2024-10039-1-Fixed
apache2-mod_http2sisyphus_riscv642.0.29-alt12.0.29-alt1ALT-PU-2024-9913-1-Fixed
apache2-mod_http2sisyphus_loongarch642.0.29-alt12.0.29-alt1ALT-PU-2024-9921-1-Fixed
apache2-mod_http2p102.0.29-alt12.0.29-alt1ALT-PU-2024-9971-2352689Fixed
apache2-mod_http2c10f12.0.29-alt12.0.29-alt1ALT-PU-2024-9963-3352691Fixed
apache2-mod_http2c9f22.0.29-alt12.0.27-alt1ALT-PU-2024-10221-1352692Testing
apache2-mod_http2p112.0.29-alt12.0.29-alt1ALT-PU-2024-9895-2352688Fixed

References to Advisories, Solutions, and Tools