Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1941). nghttp2 library prior to version 1.61.0 allows excessive CPU usage to decode HPACK stream (CVE-2024-28182)
Reporter | Title | Published | Views | Family All 89 |
---|---|---|---|---|
Tenable Nessus | Fedora 40 : nghttp2 (2024-da8cdd8414) | 29 Apr 202400:00 | – | nessus |
Tenable Nessus | Fedora 38 : nghttp2 (2024-ec22e51ec2) | 20 Apr 202400:00 | – | nessus |
Tenable Nessus | Slackware Linux 15.0 / current nghttp2 Vulnerability (SSA:2024-095-02) | 4 Apr 202400:00 | – | nessus |
Tenable Nessus | Debian dla-3804 : libnghttp2-14 - security update | 30 Apr 202400:00 | – | nessus |
Tenable Nessus | Oracle MySQL Cluster 8.0.x < 8.0.39 / 8.4.x < 8.4.2 / 9.x < 9.0.1 (October 2024 CPU) | 17 Oct 202400:00 | – | nessus |
Tenable Nessus | Fedora 39 : nghttp2 (2024-a00de83de9) | 20 Apr 202400:00 | – | nessus |
Tenable Nessus | Debian dla-3898 : libnghttp2-14 - security update | 27 Sep 202400:00 | – | nessus |
Tenable Nessus | GLSA-202408-10 : nghttp2: Multiple Vulnerabilities | 7 Aug 202400:00 | – | nessus |
Tenable Nessus | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : nghttp2 vulnerabilities (USN-6754-1) | 25 Apr 202400:00 | – | nessus |
Tenable Nessus | Oracle HTTP Server (October 2024 CPU) | 18 Oct 202400:00 | – | nessus |
Source | Link |
---|---|
developer | www.developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html |
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.2.2024.1941");
script_cve_id("CVE-2024-28182");
script_tag(name:"creation_date", value:"2024-07-16 08:46:04 +0000 (Tue, 16 Jul 2024)");
script_version("2024-07-17T05:05:38+0000");
script_tag(name:"last_modification", value:"2024-07-17 05:05:38 +0000 (Wed, 17 Jul 2024)");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_name("Huawei EulerOS: Security Advisory for nghttp2 (EulerOS-SA-2024-1941)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Huawei EulerOS Local Security Checks");
script_dependencies("gb_huawei_euleros_consolidation.nasl");
script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP9");
script_xref(name:"Advisory-ID", value:"EulerOS-SA-2024-1941");
script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2024-1941");
script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'nghttp2' package(s) announced via the EulerOS-SA-2024-1941 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 keeps reading the unbounded number of HTTP/2 CONTINUATION frames even after a stream is reset to keep HPACK context in sync. This causes excessive CPU usage to decode HPACK stream. nghttp2 v1.61.0 mitigates this vulnerability by limiting the number of CONTINUATION frames it accepts per stream. There is no workaround for this vulnerability.(CVE-2024-28182)");
script_tag(name:"affected", value:"'nghttp2' package(s) on Huawei EulerOS V2.0SP9.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "EULEROS-2.0SP9") {
if(!isnull(res = isrpmvuln(pkg:"libnghttp2", rpm:"libnghttp2~1.39.2~3.h4.eulerosv2r9", rls:"EULEROS-2.0SP9"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo