CVE-2024-27983: Race Condition
First published: Tue Apr 02 2024(Updated: )
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP | >=17.1.0<=17.1.1 | |
| F5 BIG-IP | >=16.1.0<=16.1.4 | |
| F5 BIG-IP | >=15.1.0<=15.1.10 | |
| IBM Planning Analytics Local - IBM Planning Analytics Workspace | <=2.1 | |
| IBM Planning Analytics Local - IBM Planning Analytics Workspace | <=2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://my.f5.com/manage/s/article/K000139532
- http://www.openwall.com/lists/oss-security/2024/04/03/16
- https://hackerone.com/reports/2319584
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDECX4BYZLMM4S4LALN4DPZ2HUTTPLKE/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YDVFUH7ACZPYB3BS4SVILNOY7NQU73VW/
- https://security.netapp.com/advisory/ntap-20240510-0002/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2273043
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2273044
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2273045
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2278048
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2278047
- https://access.redhat.com/errata/RHSA-2024:2779
- https://access.redhat.com/errata/RHSA-2024:2778
- https://access.redhat.com/errata/RHSA-2024:2780
- https://access.redhat.com/errata/RHSA-2024:2853
- https://access.redhat.com/errata/RHSA-2024:2910
- https://access.redhat.com/errata/RHSA-2024:2937
- https://access.redhat.com/errata/RHSA-2024:3472
- https://access.redhat.com/errata/RHSA-2024:3545
- https://access.redhat.com/errata/RHSA-2024:3544
- https://access.redhat.com/errata/RHSA-2024:3553
- https://access.redhat.com/errata/RHSA-2024:4353
- https://access.redhat.com/errata/RHSA-2024:4824
- https://bugzilla.redhat.com/show_bug.cgi?id=2272764
- https://exchange.xforce.ibmcloud.com/vulnerabilities/286865
- https://www.ibm.com/support/pages/node/7157110 (Advisory)
- agent/weakness
- agent/type
- agent/author
- agent/first-publish-date
- collector/f5-advisory
- source/F5
- alias/CVE-2024-27983
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- agent/references
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/ibm-support
- source/IBM
- vendor/f5
- canonical/f5 big-ip
- version/f5 big-ip/17.1.0
- version/f5 big-ip/17.1.1
- version/f5 big-ip/16.1.0
- version/f5 big-ip/16.1.4
- version/f5 big-ip/15.1.0
- version/f5 big-ip/15.1.10
- vendor/ibm
- canonical/ibm planning analytics local - ibm planning analytics workspace
- version/ibm planning analytics local - ibm planning analytics workspace/2.1
- version/ibm planning analytics local - ibm planning analytics workspace/2.0