Description
HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory in the pushing request's pool, leading to crashes. The memory copied is that of the configured push link header values, not data supplied by the client.
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6
Attack Vector: Network
Complexity: Low
Privileges: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High
Affected Packages: 2 packages
Also affects: Debian Linux 10.0, 9.0
Vulnerability Details (4)
GHSA | GHSA-c2vp-q2q2-hm8m: HTTP/2 (2 | 2022-05-24
OSV | apache2 vulnerabilities | 2019-08-29
OSV | CVE-2019-10081: HTTP/2 (2 | 2019-08-15
CVEList | CVE-2019-10081: HTTP/2 (2 | 2019-08-15
Vendor Advisories (3)
Ubuntu | Apache HTTP Server vulnerabilities | 2019-08-29
Red Hat | httpd: memory corruption on early pushes | 2019-08-14
Debian | CVE-2019-10081: apache2 - HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H... | 2019
Community (9)
HackerOne | mod_http2, memory corruption on early pushes (CVE-2019-10081) | 2019-10-15
Bugzilla | CVE-2019-10081 httpd: memory corruption on early pushes [fedora-all] | 2019-08-21
Bugzilla | CVE-2019-10081 nodejs: httpd: memory corruption on early pushes [epel-all] | 2019-08-21
Bugzilla | CVE-2019-10081 nghttp2: httpd: memory corruption on early pushes [epel-all] | 2019-08-21
Bugzilla | CVE-2019-10081 httpd: memory corruption on early pushes | 2019-08-21