Posted to dev@httpd.apache.org by Stefan Eissing <ic...@apache.org> on 2022/06/08 09:43:25 UTC

CVE-2022-28614: Apache HTTP Server: read beyond bounds via ap_rwrite()

Severity: low

Description:

The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function.

Credit:

The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue

References:

https://httpd.apache.org/security/vulnerabilities_24.html


Re: CVE-2022-28614: Apache HTTP Server: read beyond bounds via ap_rwrite()

Posted by Eric Covener <co...@apache.org>.
On Wed, Jun 8, 2022 at 5:43 AM Stefan Eissing <ic...@apache.org> wrote:
>
> Severity: low
>
> Description:
>
> The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_lua's r:puts() function.
>
> Credit:
>
> The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue
>
> References:
>
> https://httpd.apache.org/security/vulnerabilities_24.html

Some additional information has been added to this bulletin:

Modules compiled and distributed separately from Apache HTTP Server
that use the "ap_rputs" function and may pass it a very large (INT_MAX
or larger) string must be compiled against current headers to resolve
the issue.
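
An added illustration of the "INT_MAX or larger" note above, not part of the thread and not httpd's code: it assumes the hazard is a string length above INT_MAX being passed through an int length parameter. The names write_fn, counting_write, narrowed_length and write_all are hypothetical, and the chunking wrapper is an assumed caller-side pattern, not the project's fix.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical write callback whose length is an int (constructed for this
   example; it stands in for any int-length output API). */
typedef int (*write_fn)(const void *buf, int nbyte, void *ctx);

struct sink { size_t total; int calls; };

/* Callee-side guard: a negative length is refused, never used as a size. */
int counting_write(const void *buf, int nbyte, void *ctx)
{
    struct sink *s = ctx;
    (void)buf;
    if (nbyte < 0) return -1;
    s->total += (size_t)nbyte;
    s->calls++;
    return nbyte;
}

/* The risky pattern: a size_t narrowed to int. Above INT_MAX the result is
   implementation-defined; on common compilers it wraps, often negative. */
int narrowed_length(size_t len)
{
    return (int)len;
}

/* Caller-side pattern: emit at most max_chunk (<= INT_MAX) bytes per call so
   the int argument always holds the real count. Returns 0 or the error. */
int write_all(const char *buf, size_t len, size_t max_chunk, write_fn w, void *ctx)
{
    if (max_chunk == 0 || max_chunk > (size_t)INT_MAX)
        max_chunk = (size_t)INT_MAX;
    while (len > 0) {
        size_t n = len < max_chunk ? len : max_chunk;
        int rc = w(buf, (int)n, ctx);
        if (rc < 0) return rc;
        buf += n;
        len -= n;
    }
    return 0;
}

int main(void)
{
    struct sink s = {0, 0};
    int rc = write_all("0123456789", 10, 4, counting_write, &s);
    printf("rc=%d bytes=%zu calls=%d\n", rc, s.total, s.calls);
    return 0;
}
```

The max_chunk parameter exists only so the chunking can be exercised with a small constructed buffer; passing 0 selects INT_MAX.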
