CVE-2018-1302

MEDIUM

Description

When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter and the team could not reproduce it outside debug builds, so it is classified as low risk.

References

http://www.openwall.com/lists/oss-security/2018/03/24/5

http://www.securityfocus.com/bid/103528

http://www.securitytracker.com/id/1040567

https://access.redhat.com/errata/RHSA-2019:0366

https://access.redhat.com/errata/RHSA-2019:0367

https://httpd.apache.org/security/vulnerabilities_24.html

https://lists.apache.org/thread.html/[email protected]%3Ccvs.httpd.apache.org%3E

https://security.netapp.com/advisory/ntap-20180601-0004/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03909en_us

https://usn.ubuntu.com/3783-1/

Details

Source: MITRE

Published: 2018-03-26

Updated: 2019-08-15

Type: CWE-476

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM