vulnerability

Rocky Linux: CVE-2024-24791: git-lfs (Multiple Advisories)

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 2, 2024
Added
Oct 2, 2024
Modified
Oct 6, 2025

Description

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

Solutions

rocky-upgrade-aardvark-dnsrocky-upgrade-buildahrocky-upgrade-buildah-debuginforocky-upgrade-buildah-debugsourcerocky-upgrade-buildah-testsrocky-upgrade-buildah-tests-debuginforocky-upgrade-conmonrocky-upgrade-conmon-debuginforocky-upgrade-conmon-debugsourcerocky-upgrade-containernetworking-pluginsrocky-upgrade-containernetworking-plugins-debuginforocky-upgrade-containernetworking-plugins-debugsourcerocky-upgrade-containers-commonrocky-upgrade-critrocky-upgrade-criurocky-upgrade-criu-debuginforocky-upgrade-criu-debugsourcerocky-upgrade-criu-develrocky-upgrade-criu-libsrocky-upgrade-criu-libs-debuginforocky-upgrade-crunrocky-upgrade-crun-debuginforocky-upgrade-crun-debugsourcerocky-upgrade-delverocky-upgrade-delve-debuginforocky-upgrade-delve-debugsourcerocky-upgrade-fuse-overlayfsrocky-upgrade-fuse-overlayfs-debuginforocky-upgrade-fuse-overlayfs-debugsourcerocky-upgrade-git-lfsrocky-upgrade-git-lfs-debuginforocky-upgrade-git-lfs-debugsourcerocky-upgrade-go-toolsetrocky-upgrade-golangrocky-upgrade-golang-binrocky-upgrade-grafanarocky-upgrade-grafana-debuginforocky-upgrade-grafana-debugsourcerocky-upgrade-grafana-selinuxrocky-upgrade-libslirprocky-upgrade-libslirp-debuginforocky-upgrade-libslirp-debugsourcerocky-upgrade-libslirp-develrocky-upgrade-netavarkrocky-upgrade-oci-seccomp-bpf-hookrocky-upgrade-oci-seccomp-bpf-hook-debuginforocky-upgrade-oci-seccomp-bpf-hook-debugsourcerocky-upgrade-podmanrocky-upgrade-podman-catatonitrocky-upgrade-podman-catatonit-debuginforocky-upgrade-podman-debuginforocky-upgrade-podman-debugsourcerocky-upgrade-podman-gvproxyrocky-upgrade-podman-gvproxy-debuginforocky-upgrade-podman-pluginsrocky-upgrade-podman-plugins-debuginforocky-upgrade-podman-remoterocky-upgrade-podman-remote-debuginforocky-upgrade-podman-testsrocky-upgrade-python3-criurocky-upgrade-runcrocky-upgrade-runc-debuginforocky-upgrade-runc-debugsourcerocky-upgrade-skopeorocky-upgrade-skopeo-testsrocky-upgrade-slirp4netnsrocky-upgrade-slirp4netns-debuginforocky-upgrade-slirp4netns-debugsourcerocky-upgrade-toolboxrocky-upgrade-toolbox-debuginforocky-upgrade-toolbox-debugsourcerocky-upgrade-toolbox-tests

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today