An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
CVSS
No CVSS.
References
Configurations
No configuration.
History
01 May 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 May 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Apr 2024, 06:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
19 Apr 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Apr 2024, 12:40
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Apr 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-04 21:15
Updated : 2024-05-01 18:15
NVD link : CVE-2023-45288
Mitre link : CVE-2023-45288
CVE.ORG link : CVE-2023-45288
JSON object : View
Products Affected
No product.
CWE
No CWE.