You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 27316
About this tag
CVE-2024-27316 is an Apache HTTP Server vulnerability involving HTTP/2 denial-of-service via endless CONTINUATION frames that cause memory exhaustion. The flaw has been fixed upstream in Apache httpd releases. Microsoft has acknowledged that Azure Linux includes the open-source library and is therefore potentially affected, though this advisory is a product-scoped inventory statement and does not guarantee that no other Microsoft product contains the vulnerable component. Discussions on WindowsForum.com cover the technical details of the vulnerability, its impact on Azure Linux, and the broader implications for Microsoft products that may incorporate the affected Apache httpd library.
The Apache HTTP Server vulnerability tracked as CVE-2024-27316 — an HTTP/2 denial-of-service triggered by an attacker sending endless CONTINUATION frames that cause memory exhaustion — is real, fixed upstream in the Apache httpd releases, and Microsoft’s brief advisory that “Azure Linux includes...