Red Hat OpenShift: CVE-2019-9514: HTTP/2: flood using HEADERS frames results in unbounded memory growth

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: Aug 13, 2019
Added: Sep 12, 2019
Modified: Apr 11, 2025

Description

Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.

Solution(s)

linuxrpm-upgrade-ansible-operator
linuxrpm-upgrade-ansible-service-broker
linuxrpm-upgrade-apb
linuxrpm-upgrade-atomic-enterprise-service-catalog
linuxrpm-upgrade-atomic-openshift
linuxrpm-upgrade-atomic-openshift-cluster-autoscaler
linuxrpm-upgrade-atomic-openshift-descheduler
linuxrpm-upgrade-atomic-openshift-dockerregistry
linuxrpm-upgrade-atomic-openshift-metrics-server
linuxrpm-upgrade-atomic-openshift-node-problem-detector
linuxrpm-upgrade-atomic-openshift-service-idler
linuxrpm-upgrade-atomic-openshift-web-console
linuxrpm-upgrade-cockpit
linuxrpm-upgrade-containernetworking-plugins
linuxrpm-upgrade-cri-o
linuxrpm-upgrade-cri-tools
linuxrpm-upgrade-csi-attacher
linuxrpm-upgrade-csi-driver-registrar
linuxrpm-upgrade-csi-livenessprobe
linuxrpm-upgrade-csi-provisioner
linuxrpm-upgrade-faq
linuxrpm-upgrade-golang-github-openshift-oauth-proxy
linuxrpm-upgrade-golang-github-openshift-prometheus-alert-buffer
linuxrpm-upgrade-golang-github-prometheus-alertmanager
linuxrpm-upgrade-golang-github-prometheus-node_exporter
linuxrpm-upgrade-golang-github-prometheus-prometheus
linuxrpm-upgrade-golang-github-prometheus-promu
linuxrpm-upgrade-hawkular-openshift-agent
linuxrpm-upgrade-heapster
linuxrpm-upgrade-ignition
linuxrpm-upgrade-image-inspector
linuxrpm-upgrade-openshift
linuxrpm-upgrade-openshift-enterprise-autoheal
linuxrpm-upgrade-openshift-enterprise-cluster-capacity
linuxrpm-upgrade-openshift-enterprise-image-registry
linuxrpm-upgrade-openshift-eventrouter
linuxrpm-upgrade-openshift-external-storage
linuxrpm-upgrade-openshift-monitor-project-lifecycle
linuxrpm-upgrade-openvswitch-ovn-kubernetes
linuxrpm-upgrade-pivot