Oval Definition:	oval:com.ubuntu.bionic:def:201995120000000
Revision Date: 2019-08-13 Version: 1 Title: CVE-2019-9512 on Ubuntu 18.04 LTS (bionic) - medium. Description: Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-9512 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND Package Information golang-1.10 package in bionic is affected and may need fixing. OR golang-1.8 package in bionic is affected and may need fixing. OR golang-1.9 package in bionic is affected and may need fixing. OR h2o package in bionic is affected and may need fixing. OR netty package in bionic is affected and needs fixing. OR trafficserver package in bionic is affected and needs fixing. OR twisted package in bionic was vulnerable but has been fixed (note: '17.9.0-2ubuntu0.1').
BACK