Wind River Support Network

HomeDefectsLIN1019-11742
Fixed

LIN1019-11742 : Security Advisory - apache2 - CVE-2024-27316

Created: Apr 3, 2024    Updated: Dec 11, 2024
Resolved Date: May 6, 2024
Found In Version: 10.19.45.1
Fix Version: 10.19.45.31
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube