Red Hat OpenShift: CVE-2019-9512: HTTP/2: flood using PING frames results in unbounded memory growth
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Aug 13, 2019 | Sep 12, 2019 | Apr 11, 2025 |
Description
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
Solution(s)
- linuxrpm-upgrade-ansible-operator
- linuxrpm-upgrade-ansible-service-broker
- linuxrpm-upgrade-apb
- linuxrpm-upgrade-atomic-enterprise-service-catalog
- linuxrpm-upgrade-atomic-openshift
- linuxrpm-upgrade-atomic-openshift-cluster-autoscaler
- linuxrpm-upgrade-atomic-openshift-descheduler
- linuxrpm-upgrade-atomic-openshift-dockerregistry
- linuxrpm-upgrade-atomic-openshift-metrics-server
- linuxrpm-upgrade-atomic-openshift-node-problem-detector
- linuxrpm-upgrade-atomic-openshift-service-idler
- linuxrpm-upgrade-atomic-openshift-web-console
- linuxrpm-upgrade-cockpit
- linuxrpm-upgrade-containernetworking-plugins
- linuxrpm-upgrade-cri-o
- linuxrpm-upgrade-cri-tools
- linuxrpm-upgrade-csi-attacher
- linuxrpm-upgrade-csi-driver-registrar
- linuxrpm-upgrade-csi-livenessprobe
- linuxrpm-upgrade-csi-provisioner
- linuxrpm-upgrade-faq
- linuxrpm-upgrade-golang-github-openshift-oauth-proxy
- linuxrpm-upgrade-golang-github-openshift-prometheus-alert-buffer
- linuxrpm-upgrade-golang-github-prometheus-alertmanager
- linuxrpm-upgrade-golang-github-prometheus-node_exporter
- linuxrpm-upgrade-golang-github-prometheus-prometheus
- linuxrpm-upgrade-golang-github-prometheus-promu
- linuxrpm-upgrade-hawkular-openshift-agent
- linuxrpm-upgrade-heapster
- linuxrpm-upgrade-ignition
- linuxrpm-upgrade-image-inspector
- linuxrpm-upgrade-openshift
- linuxrpm-upgrade-openshift-enterprise-autoheal
- linuxrpm-upgrade-openshift-enterprise-cluster-capacity
- linuxrpm-upgrade-openshift-enterprise-image-registry
- linuxrpm-upgrade-openshift-eventrouter
- linuxrpm-upgrade-openshift-external-storage
- linuxrpm-upgrade-openshift-monitor-project-lifecycle
- linuxrpm-upgrade-openvswitch-ovn-kubernetes
- linuxrpm-upgrade-pivot
References
- CVE-2019-9512
- https://attackerkb.com/topics/CVE-2019-9512
- REDHAT-RHSA-2019:2594
- REDHAT-RHSA-2019:2661
- REDHAT-RHSA-2019:2682
- REDHAT-RHSA-2019:2690
- REDHAT-RHSA-2019:2726
- REDHAT-RHSA-2019:2766
- REDHAT-RHSA-2019:2769
- REDHAT-RHSA-2019:2796
- REDHAT-RHSA-2019:2817
- REDHAT-RHSA-2019:2861
- REDHAT-RHSA-2019:2925
- REDHAT-RHSA-2019:2939
- REDHAT-RHSA-2019:2955
- REDHAT-RHSA-2019:2966
- REDHAT-RHSA-2019:3131
- REDHAT-RHSA-2019:3245
- REDHAT-RHSA-2019:3265
- REDHAT-RHSA-2019:3892
- REDHAT-RHSA-2019:3906
- REDHAT-RHSA-2019:4018
- REDHAT-RHSA-2019:4019
- REDHAT-RHSA-2019:4020
- REDHAT-RHSA-2019:4021
- REDHAT-RHSA-2019:4040
- REDHAT-RHSA-2019:4041
- REDHAT-RHSA-2019:4042
- REDHAT-RHSA-2019:4045
- REDHAT-RHSA-2019:4269
- REDHAT-RHSA-2019:4273
- REDHAT-RHSA-2019:4352
- REDHAT-RHSA-2020:0406
- REDHAT-RHSA-2020:0727
- REDHAT-RHSA-2020:0922
- REDHAT-RHSA-2020:0983
- REDHAT-RHSA-2020:1445
- REDHAT-RHSA-2020:2067
- REDHAT-RHSA-2020:2565
- REDHAT-RHSA-2020:3196
- REDHAT-RHSA-2020:3197