PT-2023-6292 · Apache +10 · Apache Http Server +10

David Warren

+1

·

Published

2023-10-12

·

Updated

2025-08-25

·

CVE-2023-45802

Report an issue
CVSS v2.0
7.8
VectorAV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions:

Apache HTTP Server versions prior to 2.4.58

Description:

The issue is related to the handling of HTTP/2 streams in the Apache HTTP Server. When a client resets an HTTP/2 stream using an RST frame, there is a time window where the request's memory resources are not immediately reclaimed. Instead, de-allocation is deferred until the connection is closed. A client can exploit this by sending new requests and resets, keeping the connection busy and open, and causing the memory footprint to grow. This can lead to a denial-of-service condition if the process runs out of memory before the connection is closed.

Recommendations:

To resolve the issue, upgrade to version 2.4.58 or later, which fixes the problem. As a temporary workaround, consider restricting the use of HTTP/2 streams or limiting the number of concurrent connections to minimize the risk of exploitation.

Exploit

Fix

RCE

Improper Resource Release

Resource Exhaustion

Weakness Enumeration

CWE-404CWE-400

Related Identifiers

ALSA-2024:2368
ALSA-2024:3121
ALT-PU-2023-6511
ALT-PU-2023-6542
ALT-PU-2023-6543
ALT-PU-2023-6594
ALT-PU-2023-6831
ALT-PU-2023-7243
ALT-PU-2024-1938
BDU:2023-07003
BIT-APACHE-2023-45802
CESA-2024_3121
CVE-2023-45802
DLA-3818-1
DSA-5662-1
INFSA-2024_2368
INFSA-2024_3121
MGASA-2023-0304
OPENSUSE-SU-2024:13350-1
OPENSUSE-SU-2024_3961-1
OPENSUSE-SU-2024_3999-1
RHSA-2023:7625
RHSA-2024:2368
RHSA-2024:2891
RHSA-2024:3121
RHSA-2024_2368
RHSA-2024_3121
RLSA-2024:3121
SUSE-SU-2024:3949-1
SUSE-SU-2024:3961-1
SUSE-SU-2024:3962-1
SUSE-SU-2024:3999-1
SUSE-SU-2024_3949-1
SUSE-SU-2024_3961-1
SUSE-SU-2024_3962-1
SUSE-SU-2024_3999-1
USN-6506-1

Affected Products

Alt Linux
Almalinux
Apache Http Server
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu