1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2024:1786

[RHSA-2024:1786] httpd:2.4/mod_http2 security update

Severity Important
Affected Packages 38
CVEs 1
Info Packages References Vulnerabilities

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: mod_http2: CONTINUATION frames DoS (CVE-2024-27316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/redhat/mod_ssl?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ssl?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ssl?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ssl?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_session?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_session?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_session?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_session?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_proxy_html?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_proxy_html?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_proxy_html?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_proxy_html?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_md?arch=x86_64&distro=redhat-8.9 < 2.0.8-8.module+el8.9.0+19080+567b90f8
pkg:rpm/redhat/mod_md?arch=s390x&distro=redhat-8.9 < 2.0.8-8.module+el8.9.0+19080+567b90f8
pkg:rpm/redhat/mod_md?arch=ppc64le&distro=redhat-8.9 < 2.0.8-8.module+el8.9.0+19080+567b90f8
pkg:rpm/redhat/mod_md?arch=aarch64&distro=redhat-8.9 < 2.0.8-8.module+el8.9.0+19080+567b90f8
pkg:rpm/redhat/mod_ldap?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ldap?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ldap?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_ldap?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/mod_http2?arch=x86_64&distro=redhat-8.9 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5
pkg:rpm/redhat/mod_http2?arch=s390x&distro=redhat-8.9 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5
pkg:rpm/redhat/mod_http2?arch=ppc64le&distro=redhat-8.9 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5
pkg:rpm/redhat/mod_http2?arch=aarch64&distro=redhat-8.9 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5
pkg:rpm/redhat/httpd?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-tools?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-tools?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-tools?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-tools?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-manual?distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-filesystem?distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-devel?arch=x86_64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-devel?arch=s390x&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-devel?arch=ppc64le&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
pkg:rpm/redhat/httpd-devel?arch=aarch64&distro=redhat-8.9 < 2.4.37-62.module+el8.9.0+19699+7a7a2044
ID
RHSA-2024:1786
Severity
important
URL
https://access.redhat.com/errata/RHSA-2024:1786
Published
2024-04-11T00:00:00
(5 months ago)
Modified
2024-04-11T00:00:00
(5 months ago)
Rights
Copyright 2024 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/mod_ssl?arch=x86_64&distro=redhat-8.9 redhat mod_ssl < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_ssl?arch=s390x&distro=redhat-8.9 redhat mod_ssl < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_ssl?arch=ppc64le&distro=redhat-8.9 redhat mod_ssl < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_ssl?arch=aarch64&distro=redhat-8.9 redhat mod_ssl < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/mod_session?arch=x86_64&distro=redhat-8.9 redhat mod_session < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_session?arch=s390x&distro=redhat-8.9 redhat mod_session < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_session?arch=ppc64le&distro=redhat-8.9 redhat mod_session < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_session?arch=aarch64&distro=redhat-8.9 redhat mod_session < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/mod_proxy_html?arch=x86_64&distro=redhat-8.9 redhat mod_proxy_html < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_proxy_html?arch=s390x&distro=redhat-8.9 redhat mod_proxy_html < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_proxy_html?arch=ppc64le&distro=redhat-8.9 redhat mod_proxy_html < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_proxy_html?arch=aarch64&distro=redhat-8.9 redhat mod_proxy_html < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/mod_md?arch=x86_64&distro=redhat-8.9 redhat mod_md < 2.0.8-8.module+el8.9.0+19080+567b90f8 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_md?arch=s390x&distro=redhat-8.9 redhat mod_md < 2.0.8-8.module+el8.9.0+19080+567b90f8 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_md?arch=ppc64le&distro=redhat-8.9 redhat mod_md < 2.0.8-8.module+el8.9.0+19080+567b90f8 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_md?arch=aarch64&distro=redhat-8.9 redhat mod_md < 2.0.8-8.module+el8.9.0+19080+567b90f8 redhat-8.9 aarch64
Affected pkg:rpm/redhat/mod_ldap?arch=x86_64&distro=redhat-8.9 redhat mod_ldap < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_ldap?arch=s390x&distro=redhat-8.9 redhat mod_ldap < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_ldap?arch=ppc64le&distro=redhat-8.9 redhat mod_ldap < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_ldap?arch=aarch64&distro=redhat-8.9 redhat mod_ldap < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/mod_http2?arch=x86_64&distro=redhat-8.9 redhat mod_http2 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5 redhat-8.9 x86_64
Affected pkg:rpm/redhat/mod_http2?arch=s390x&distro=redhat-8.9 redhat mod_http2 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5 redhat-8.9 s390x
Affected pkg:rpm/redhat/mod_http2?arch=ppc64le&distro=redhat-8.9 redhat mod_http2 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/mod_http2?arch=aarch64&distro=redhat-8.9 redhat mod_http2 < 1.15.7-8.module+el8.9.0+21652+2dd1200b.5 redhat-8.9 aarch64
Affected pkg:rpm/redhat/httpd?arch=x86_64&distro=redhat-8.9 redhat httpd < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/httpd?arch=s390x&distro=redhat-8.9 redhat httpd < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/httpd?arch=ppc64le&distro=redhat-8.9 redhat httpd < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/httpd?arch=aarch64&distro=redhat-8.9 redhat httpd < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/httpd-tools?arch=x86_64&distro=redhat-8.9 redhat httpd-tools < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/httpd-tools?arch=s390x&distro=redhat-8.9 redhat httpd-tools < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/httpd-tools?arch=ppc64le&distro=redhat-8.9 redhat httpd-tools < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/httpd-tools?arch=aarch64&distro=redhat-8.9 redhat httpd-tools < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
Affected pkg:rpm/redhat/httpd-manual?distro=redhat-8.9 redhat httpd-manual < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9
Affected pkg:rpm/redhat/httpd-filesystem?distro=redhat-8.9 redhat httpd-filesystem < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9
Affected pkg:rpm/redhat/httpd-devel?arch=x86_64&distro=redhat-8.9 redhat httpd-devel < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 x86_64
Affected pkg:rpm/redhat/httpd-devel?arch=s390x&distro=redhat-8.9 redhat httpd-devel < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 s390x
Affected pkg:rpm/redhat/httpd-devel?arch=ppc64le&distro=redhat-8.9 redhat httpd-devel < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 ppc64le
Affected pkg:rpm/redhat/httpd-devel?arch=aarch64&distro=redhat-8.9 redhat httpd-devel < 2.4.37-62.module+el8.9.0+19699+7a7a2044 redhat-8.9 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date