Project

General

Profile

Actions
Copy link

Security #6481

closed

http2: quadratic complexity in find_or_create_tx not bounded by max-tx

Added by Philippe Antoine 6 months ago. Updated 3 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Affected Versions:
Label:
CVE:
2024-23836
Git IDs:

80abc22f6475b6a87a33166729a871203f34d578

Severity:
CRITICAL
Disclosure Date:
01/16/2024

Description

As a single parsing round can create more transactions than max-tx
Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63345

Subtasks 2 (0 open2 closed)

Security #6531: http2: quadratic complexity in find_or_create_tx not bounded by max-tx (7.0.x backport)ClosedPhilippe AntoineActions
Security #6660: http2: quadratic complexity in find_or_create_tx not bounded by max-tx (6.0.x backport)ClosedPhilippe AntoineActions
Actions
Copy link

Also available in: Atom PDF