Vulnerability Name:

CVE-2021-31618 (CCN-203466)

Assigned:2021-06-01
Published:2021-06-01
Updated:2021-12-10
Summary:Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-476
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2021-31618

Source: CCN
Type: Apache Web site
important: NULL pointer dereference on specially crafted HTTP/2 request

Source: MISC
Type: Release Notes, Vendor Advisory
http://httpd.apache.org/security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20210609 CVE-2021-31618: Apache httpd: NULL pointer dereference on specially crafted HTTP/2 request

Source: XF
Type: UNKNOWN
apache-cve202131618-dos(203466)

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210615 svn commit: r1890801 - /httpd/site/trunk/content/security/json/CVE-2021-31618.json

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210615 svn commit: r1075782 - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210709 [SECURITY] [DLA 2706-1] apache2 security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-051639aad4

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-181f29c392

Source: CCN
Type: oss-sec Mailing List, Wed, 09 Jun 2021 23:11:00 +0200
CVE-2021-31618: Apache httpd: NULL pointer dereference on specially crafted HTTP/2 request

Source: MISC
Type: Mailing List, Third Party Advisory
https://seclists.org/oss-sec/2021/q2/206

Source: GENTOO
Type: Third Party Advisory
GLSA-202107-38

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210727-0008/

Source: DEBIAN
Type: Third Party Advisory
DSA-4937

Source: CCN
Type: IBM Security Bulletin 6492615 (i)
Multiple vulnerabilities in Apache HTTP Server affect IBM i

Source: CCN
Type: IBM Security Bulletin 6541328 (Rational Build Forge)
IBM Rational Build Forge 8.0.x is affected by Apache HTTP Server version used in it. (CVE-2021-31618, CVE-2020-13950, CVE-2019-17567, CVE-2020-26691, CVE-2021-26690, CVE-2020-13938, CVE-2021-30641, CVE-2020-35452)

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:1.15.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.47:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.29:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.25:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.26:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.27:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.39:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.43:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.46:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8039
    P
    		maven-3.8.6-150200.4.9.8 on GA media (Moderate)
    2023-06-20
    oval:org.opensuse.security:def:7971
    P
    		libzypp-plugin-appdata-1.0.1+git.20230117-150500.1.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7434
    P
    		apache2-2.4.51-150400.6.11.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7473
    P
    		cryptsetup-2.4.3-150400.1.110 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:730
    P
    		Security update for java-1_8_0-openj9 (Important)
    2022-09-06
    oval:org.opensuse.security:def:3631
    P
    		Security update for pcre (Important)
    2022-07-12
    oval:org.opensuse.security:def:3446
    P
    		bluez-5.13-5.12.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3463
    P
    		cups-1.7.5-20.23.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94558
    P
    		gdk-pixbuf-devel-2.42.6-150400.3.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94492
    P
    		apache2-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95093
    P
    		apache2-devel-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2862
    P
    		apache2-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:6069
    P
    		Security update for u-boot (Important)
    2022-06-13
    oval:org.opensuse.security:def:95298
    P
    		Security update for containerd, docker (Important)
    2022-05-16
    oval:org.opensuse.security:def:102011
    P
    		Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP3) (Critical)
    2022-02-17
    oval:org.opensuse.security:def:99482
    P
    		 (Important)
    2022-02-04
    oval:org.opensuse.security:def:99681
    P
    		 (Moderate)
    2021-10-06
    oval:org.opensuse.security:def:99989
    P
    		 (Important)
    2021-09-03
    oval:org.opensuse.security:def:101271
    P
    		groovy-lib-2.4.21-3.3.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:111598
    P
    		Security update for apache2 (Important)
    2021-07-10
    oval:org.opensuse.security:def:111453
    P
    		Security update for apache2 (Important)
    2021-06-24
    oval:org.opensuse.security:def:66839
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:117452
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:1472
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:99389
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:69128
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:107937
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:73842
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:100630
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:5750
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:67158
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:118504
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:1616
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:97131
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:99652
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:64535
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:108677
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:75907
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:101461
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:68562
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:96052
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:99966
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:64720
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:109408
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:76226
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:102742
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:69060
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:73657
    P
    		Security update for apache2 (Important)
    2021-06-22
    oval:org.opensuse.security:def:100302
    P
    		 (Important)
    2021-06-22
    oval:org.opensuse.security:def:89153
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:31643
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:57945
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:84623
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:23602
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:51590
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:97079
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:9732
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:92141
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:99283
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:33933
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:60292
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:87414
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:127126
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:30094
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:56037
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:83301
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:92930
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:8980
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:70243
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:89411
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:32122
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:58773
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:85667
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:23926
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:51914
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:10103
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:92333
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:69489
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:34469
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:88145
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:30214
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:57026
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:83421
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:93083
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:9349
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:70423
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:98896
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:32950
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:59498
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:86107
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:125559
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:26077
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:55209
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:10283
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:92532
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:8605
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:69673
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:88458
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:31203
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:57466
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:84165
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:5064
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:93236
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:9533
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:91946
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:99091
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:33675
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:59756
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:86586
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:126729
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:29386
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:55917
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:82593
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:92731
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:8785
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:69872
    P
    		Security update for apache2 (Important)
    2021-06-17
    BACK
    apache http server 1.15.17
    apache http server 2.4.47
    fedoraproject fedora 33
    fedoraproject fedora 34
    debian debian linux 9.0
    debian debian linux 10.0
    oracle enterprise manager ops center 12.4.0.0
    oracle instantis enterprisetrack 17.1
    oracle instantis enterprisetrack 17.2
    oracle instantis enterprisetrack 17.3
    oracle zfs storage appliance kit 8.8
    apache http server 2.4.0
    apache http server 2.4.1
    apache http server 2.4.2
    apache http server 2.4.3
    apache http server 2.4.4
    apache http server 2.4.7
    apache http server 2.4.6
    apache http server 2.4.9
    apache http server 2.4.10
    apache http server 2.4.12
    apache http server 2.4.18
    apache http server 2.4.20
    apache http server 2.4.17
    apache http server 2.4.23
    apache http server 2.4.29
    apache http server 2.4.33
    apache http server 2.4.25
    apache http server 2.4.26
    apache http server 2.4.27
    apache http server 2.4.28
    apache http server 2.4.34
    apache http server 2.4.35
    apache http server 2.4.37
    apache http server 2.4.39
    apache http server 2.4.41
    apache http server 2.4.43
    apache http server 2.4.46
    ibm rational build forge 8.0
    ibm i 7.2
    ibm i 7.3
    ibm i 7.4