FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service

Affected packages
h2o <= 2.2.6
h2o-devel < 2.3.0.d.20230427


VuXML ID 4da51989-5a8b-4eb9-b442-46d94ec0802d
Discovery 2023-04-27
Entry 2023-04-30

Elijah Glover reports:

Malformed HTTP/1.1 requests can crash worker processes. occasionally locking up child workers and causing denial of service, and an outage dropping any open connections.


CVE Name CVE-2023-30847