HTTP/2 Server ¶à¸ö»Ø¾ø·þÎñ·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-08-14

? ·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-9511£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9512£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9513£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9514£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9515£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9516£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9517£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨
CVE±àºÅ£ºCVE-2019-9518£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾


ºÏÓÃÓÚHTTP/2ºÍ̸


·ì϶¸ÅÊö


HTTP/2£¨Hypertext Transfer Protocol Version 2£©ÎÞÒÉÊÇÏÂÒ»´ú»¥ÁªÍø¼Ó¿ì¼¼ÊõµÄ»ùʯÓë·½Ïò£¬×Ôµ®ÉúÒÔÀ´¾­ÀúÁË00~17 ¹² 18 °æ²Ý°¸£¬Ä¿Ç°£¬ÒѾ­Õ¼ÓÐÁËÃ÷È·µÄRFC³ß¶È£ºRFC 7540ºÍRFC 7541¡£ Ä¿Ç°Ö§³Ö HTTP/2 µÄä¯ÀÀÆ÷ÓÐ Chrome 41+¡¢Firefox 36+¡¢Safari 9+¡¢Windows 10 É쵀 IE 11 ºÍ Edge¡£·þÎñÆ÷·½ÃæÔòÓÐ F5¡¢H2O¡¢nghttp2 µÈÊýÊ®ÖÖÑ¡Ôñ£¬¸÷Àà˵»°ÊµÏֵĶ¼ÓС£


HTTP/2ʵÏÖ¹ý³ÌÖÐÈÝÒ×Êܵ½¸÷Àà»Ø¾ø·þÎñ£¨DoS£©¹¥»÷£¬¾ßÌåÈçÏ£º


CVE-2019-9511

¹¥»÷Õßͨ¹ý¶à¸öÁ÷´ÓÖ¸¶¨×ÊÔ´ÒªÇó´óÁ¿Êý¾Ý¡£ËüÃǰѳִ°¿Ú´óÓ׺ÍÁ÷ÓÅÏȼ¶ÒÔÇ¿Ôì·þÎñÆ÷ÒÔ1×Ö½Ú¿éµÄ´ó¾Ö¶ÔÊý¾Ý½øÐÐÁжÓ¡£Æ¾¾Ý´ËÊý¾ÝÁжӵÄЧÄÜ£¬Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄCPU£¬ÄÚ´æ»òÁ½Õߣ¬´Ó¶ø¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9512

¹¥»÷ÕßÏòHTTP/2¶ÔµÈÌå·¢ËͽÐøping£¬µ¼Ö¶ԵÈÌå¹¹½¨ÄÚ²¿ÏìÓ¦¶ÓÁС£Æ¾¾Ý´ËÊý¾ÝÁжӵÄЧÄÜ£¬Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄCPU£¬ÄÚ´æ»òÁ½Õߣ¬´Ó¶ø¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9513

¹¥»÷Õß´´½¨¶à¸öÒªÇóÁ÷£¬²¢ÒÔÒ»ÖÖµ¼ÖÂÓÅÏȼ¶Ê÷´óÁ¿Á÷ʧµÄ·½Ê½²»ÐݵØŤתÁ÷µÄÓÅÏȼ¶¡£Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄCPU£¬¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9514

¹¥»÷Õß´ò¿ª¶à¸öÁ÷£¬²¢ÔÚÿ¸öÁ÷ÉÏ·¢ËÍÒ»¸öÎÞЧҪÇ󣬸ÃÒªÇóÓ¦¸Ã´Ó¶ÔµÈ·½ÒªÇóRST_STREAMÖ¡Á÷¡£Æ¾¾Ý¶ÔµÈÌåÈôºÎ¶ÔRST_STREAMÖ¡½øÐÐÁжÓ£¬Õâ»á¿÷Ëð¹ý¶àµÄÄڴ棬CPU»òÁ½Õߣ¬´Ó¶ø¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9515

¹¥»÷ÕßÏò¶ÔµÈÌå·¢ËÍSETTINGSÖ¡Á÷¡£ÓÉÓÚRFCÒªÇó¶ÔµÈÌå»Ø¸´Ã¿¸öSETTINGSÖ¡ÓÐÒ»¸öÈ·ÈÏ£¬Òò¶ø¿ÕµÄSETTINGSÖ¡ÔÚÐÐΪÉÏÓëpingÏÕЩһÑù¡£Æ¾¾Ý´ËÊý¾ÝÁжӵÄЧÄÜ£¬Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄCPU£¬ÄÚ´æ»òÁ½Õߣ¬´Ó¶ø¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9516

¹¥»÷Õß·¢ËÍ´øÓÐ0³¤¶ÈÍ·Ãû³ÆºÍ0³¤¶ÈÍ·²¿ÖµµÄÍ·²¿Á÷£¬¿ÉÑ¡µØ½«»ô·òÂü±àÂëΪ1×Ö½Ú»ò¸ü´óµÄÍ·²¿¡£Ä³Ð©ÊµÏÖΪÕâЩͷ·ÖÅäÄڴ沢ʹ·ÖÅäά³Ö»î¶¯Ö±µ½»á»°ÖÕÖ¹¡£Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄÄڴ棬¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9517

¹¥»÷Õß´ò¿ªHTTP/2´°¿Ú£¬ÒÔ±ã¶ÔµÈÌåÄܹ»ÎÞÏ޶ȵط¢ËÍ¡£µ«ÊÇ£¬ËüÃÇ»áʹTCP´°¿Ú¹Ø¹Ø£¬Òò¶ø¶ÔµÈÌåÏÖʵÉÏÎÞ·¨ÔÚÏß·ÉÏдÈ루ºÜ¶à£©×Ö½Ú¡£¶øºó£¬¹¥»÷Õß·¢ËÍ´óÁ¿ÏìÓ¦¶ÔÏóµÄÒªÇóÁ÷£¬Æ¾¾Ý·þÎñÆ÷¶ÔÏìÓ¦½øÐÐÁжӵķ½Ê½£¬Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄÄڴ棬CPU»òÁ½Õߣ¬´Ó¶ø¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


CVE-2019-9518

¹¥»÷Õß·¢ËÍÒ»¸öÓµÓпÕÔغÉÇÒûÓÐÁ÷ĩβ±êÖ¾µÄÖ¡Á÷¡£ÕâЩ֡¿ÉËùÒÔDATA£¬HEADERS£¬CONTINUATIONºÍ/»òPUSH_PROMISE¡£¶ÔµÈÌåÆƷѹ¦·ò´¦ÖÃÿ¸öÖ¡Óë¹¥»÷´ø¿í²»³É±ÈÀý¡£Õâ¿ÉÄÜ»á¿÷Ëð¹ý¶àµÄCPU£¬¿ÉÄܵ¼Ö»ؾø·þÎñ¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC/EXP¡£


½¨¸´½¨Òé


Microsoft:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-9513
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-9512
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-9511

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-9518 £»


Nginx:

http://nginx.org/en/CHANGES


Apple:

https://support.apple.com/en-us/HT210436


²Î¿¼Á´½Ó


https://kb.cert.org/vuls/id/605641/