apache2: Multiple vulnerabilities (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)
CVE-2020-9490: Push Diary Crash on Specifically Crafted HTTP/2 Header
A specially crafted value for the 'Cache-Digest' header in an HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards.
Versions Affected: 2.4.20 to 2.4.43
Reference:
https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2020-11984: mod_uwsgi buffer overflow
mod_proxy_uwsgi info disclosure and possible RCE.
Versions Affected: 2.4.32 to 2.4.44
References:
- https://www.openwall.com/lists/oss-security/2020/08/07/1
- https://httpd.apache.org/security/vulnerabilities_24.html
CVE-2020-11993: Push Diary Crash on Specifically Crafted HTTP/2 Header
When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.
Versions Affected: 2.4.20 to 2.4.43
Reference:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993
Affected branches:
- master
- 3.12-stable
- 3.11-stable
- 3.10-stable
- 3.9-stable
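
A triage sketch for the three issues above, added here as an example and not part of the original report or of Apache's or Alpine's tooling: it combines the listed version ranges with the preconditions the descriptions name (mod_http2 loaded with push enabled, mod_http2 logging at debug/trace, mod_proxy_uwsgi loaded). It assumes the upstream httpd version number with no distribution backports, modules loaded through `LoadModule`, and one flattened config text; `SAMPLE_CONF`, `directives` and `triage` are hypothetical names, and the sample config is constructed.

```python
import re

# Affected version ranges as listed in this report (inclusive).
RANGES = {
    "CVE-2020-9490": ((2, 4, 20), (2, 4, 43)),
    "CVE-2020-11984": ((2, 4, 32), (2, 4, 44)),
    "CVE-2020-11993": ((2, 4, 20), (2, 4, 43)),
}
HTTP2_NAMES = {"http2", "http2_module", "mod_http2.c"}  # LogLevel module specs
# Constructed sample config, not taken from a real server.
SAMPLE_CONF = """\
LoadModule http2_module modules/mod_http2.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
Protocols h2 http/1.1
LogLevel warn http2:debug
"""

def directives(conf):
    """Yield (lower-cased name, args) for each directive line; skip comments/sections."""
    for line in conf.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "<")):
            name, *args = line.split()
            yield name.lower(), args

def triage(version, conf):
    """Return the CVE ids from this report whose version range and precondition match."""
    ver = tuple(map(int, re.match(r"(\d+)\.(\d+)\.(\d+)", version).groups()))
    http2 = uwsgi = False
    push = True      # H2Push defaults to on
    level = "warn"   # effective mod_http2 log level (server default)
    for name, args in directives(conf):
        if name == "loadmodule" and args:
            http2 |= args[0] == "http2_module"
            uwsgi |= args[0] == "proxy_uwsgi_module"
        elif name == "h2push" and args:
            push = args[0].lower() != "off"
        elif name == "loglevel":
            for spec in args:  # a bare level resets every module's level
                mod, _, lvl = spec.rpartition(":")
                if not mod or mod.lower() in HTTP2_NAMES:
                    level = lvl
    conditions = {
        "CVE-2020-9490": http2 and push,
        "CVE-2020-11984": uwsgi,
        "CVE-2020-11993": http2 and level.lower().startswith(("debug", "trace")),
    }
    return sorted(cve for cve, (lo, hi) in RANGES.items()
                  if lo <= ver <= hi and conditions[cve])
```

A result of `[]` only means none of the modelled preconditions matched; per-virtual-host overrides and `Include`d files have to be flattened into the input first.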