CVE-2024-7246

2024-08-0613:21:25

redhat.com

access.redhat.com

grpc

http/2 proxy

hpack table

vulnerability

failed requests

leakage

header keys

update

fixed version

CVSS4

6.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:L/SA:L

AI Score

8.9

Confidence

High

EPSS

Percentile

9.5%

JSON

A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. By sending a specially crafted request, an attacker could leak other clients HTTP header keys. Attackers are only able to access HTTP header keys but not values.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.