4 matches found
The vulnerability of the on_frame_recv_callback() function (soup-server-message-io-http1.c) in the GNOME graphical interface library libsoup allows a attacker to cause a service failure.
The vulnerability of the onframerecvcallback function soup-server-message-io-http1.c in the GNOME graphical interface library libsoup is related to incorrect interpretation of input data when processing pseudoheaders such as :scheme, :authority, and :path. Exploitation of this vulnerability could...
CVE-2024-41062
In the Linux kernel, the following vulnerability has been resolved: bluetooth/l2cap: sync sock recv cb and release The problem occurs between the system call to close the sock and hcirxwork, where the former releases the sock and the latter accesses it without lock protection. CPU0 CPU1 ---- ----...
github.com/nghttp2/nghttp2 has HTTP/2 Rapid Reset
Impact Rapidly creating and cancelling streams HEADERS frame immediately followed by RSTSTREAM without bound cause denial of service. See https://vulners.com/cve/CVE-2023-44487 for details. Patches nghttp2 v1.57.0 mitigates this vulnerability by default. Workarounds If upgrading to nghttp2 v1.57....
ALPINE-CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...