Bug 1175070 (CVE-2020-11993)

Summary: VUL-0: CVE-2020-11993: apache2: when trace/debug was enabled for the HTTP/2 module logging statements were made on the wrong connection
Product: [Novell Products] SUSE Security Incidents
Reporter: Robert Frohl <rfrohl>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P3 - Medium
CC: smash_bz
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/264870/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-11993:5.3:(AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Robert Frohl 2020-08-10 14:57:37 UTC
CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43: when trace/debug was enabled for
the HTTP/2 module and on certain traffic edge patterns, logging statements were
made on the wrong connection, causing concurrent use of memory pools.
Configuring the LogLevel of mod_http2 above "info" will mitigate this
vulnerability for unpatched servers.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11993
http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-11993.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11993
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993
https://lists.apache.org/thread.html/r9e9f1a7609760f0f80562eaaec2aa3c32d525c3e0fca98b475240c71@%3Cdev.httpd.apache.org%3E
https://security.gentoo.org/glsa/202008-04
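The mitigation named in the description, keeping mod_http2's LogLevel out of trace/debug, is easy to get wrong in a real httpd.conf: an unqualified `LogLevel debug` applies to every module including mod_http2, and within one directive a later `http2:` qualifier overrides an earlier level. The POSIX shell check below is an added example and is not part of this bug report or of the apache2 package. It scans a config file for LogLevel directives whose effective level for mod_http2 is debug or trace1..trace8, and it builds a constructed sample config that puts the weak setting beside the corrected one (`http2:warn`, which is above "info" as the advisory phrases it). The function names `http2_loglevel_risky` and `make_sample` are this example's own. The check evaluates each directive on its own and does not model VirtualHost or Directory scoping, so a hit is something to review, not a verdict.

```shell
#!/bin/sh
# Added example (not from the bug report): find LogLevel directives that put
# mod_http2 at debug/trace verbosity, the condition under which CVE-2020-11993
# is reachable on unpatched httpd 2.4.20-2.4.43.

# Report LogLevel directives in file $1 whose effective level for mod_http2 is
# debug or trace1..trace8. Returns 0 if none found, 1 if at least one is found
# (each offending line is printed with its line number).
http2_loglevel_risky() {
    awk '
        { sub(/#.*/, "") }                  # drop comments before parsing
        tolower($1) == "loglevel" {
            lvl = ""                        # effective mod_http2 level for this directive
            for (i = 2; i <= NF; i++) {
                tok = tolower($i)
                n = index(tok, ":")
                if (n == 0) { lvl = tok; continue }   # unqualified: applies to all modules
                mod = substr(tok, 1, n - 1)
                # module may be written as http2, http2_module or mod_http2.c
                if (mod == "http2" || mod == "http2_module" || mod == "mod_http2.c")
                    lvl = substr(tok, n + 1)          # later qualifier wins
            }
            if (lvl == "debug" || lvl ~ /^trace[1-8]$/) {
                printf "%s:%d: mod_http2 at %s: %s\n", FILENAME, FNR, lvl, $0
                bad = 1
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample config (not from any real server) with weak and corrected
# settings side by side; written to the path given in $1.
make_sample() {
    cat > "$1" <<'EOF'
# global default: fine for mod_http2
LogLevel warn
# weak: unqualified debug applies to mod_http2 as well
LogLevel debug
# weak: mod_http2 explicitly at trace2 while everything else stays at warn
LogLevel warn http2:trace2
# corrected: debug elsewhere, but mod_http2 pinned to warn
LogLevel debug http2:warn
# fine: ssl at trace does not change the mod_http2 level
LogLevel warn ssl:trace2
EOF
}

main() {
    tmp=$(mktemp)
    make_sample "$tmp"
    if http2_loglevel_risky "$tmp"; then
        echo "no LogLevel directive puts mod_http2 at debug/trace"
    else
        echo "review the directives above, or apply the apache2 update"
    fi
    rm -f "$tmp"
}
main
```

Run it against your own files with `http2_loglevel_risky /etc/apache2/httpd.conf` (and each included vhost file); the sample run reports exactly the two weak directives. A patched apache2 from the updates listed in this bug removes the need for the workaround, but the check is still a cheap way to confirm that trace logging was not left on after an investigation.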
Comment 2 Petr Gajdos 2020-08-11 14:47:42 UTC
Will submit for 15sp2,15,12sp2/apache2.
Comment 4 Petr Gajdos 2020-08-12 08:03:41 UTC
isc:home:pgajdos:apache-test:after looks good.

I believe all fixed.
Comment 6 Swamp Workflow Management 2020-08-25 16:15:53 UTC
SUSE-SU-2020:2311-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1174052,1175070,1175071,1175074
CVE References: CVE-2020-11984,CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src):    apache2-2.4.43-3.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    apache2-2.4.43-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2020-08-26 19:22:27 UTC
SUSE-SU-2020:2344-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1175070,1175071,1175074
CVE References: CVE-2020-11984,CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    apache2-2.4.33-3.33.1
SUSE Linux Enterprise Server 15-LTSS (src):    apache2-2.4.33-3.33.1
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    apache2-2.4.33-3.33.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    apache2-2.4.33-3.33.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    apache2-2.4.33-3.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Swamp Workflow Management 2020-08-29 16:16:12 UTC
openSUSE-SU-2020:1285-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1174052,1175070,1175071,1175074
CVE References: CVE-2020-11984,CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    apache2-2.4.43-lp152.2.3.1
Comment 9 Swamp Workflow Management 2020-08-30 10:16:51 UTC
openSUSE-SU-2020:1293-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1175070,1175071,1175074
CVE References: CVE-2020-11984,CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    apache2-2.4.33-lp151.8.15.1
Comment 11 Swamp Workflow Management 2020-09-02 13:21:04 UTC
SUSE-SU-2020:2450-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1175070,1175071,1175072
CVE References: CVE-2020-11985,CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    apache2-2.4.23-29.63.1
SUSE OpenStack Cloud Crowbar 8 (src):    apache2-2.4.23-29.63.1
SUSE OpenStack Cloud 9 (src):    apache2-2.4.23-29.63.1
SUSE OpenStack Cloud 8 (src):    apache2-2.4.23-29.63.1
SUSE OpenStack Cloud 7 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP5 (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    apache2-2.4.23-29.63.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    apache2-2.4.23-29.63.1
SUSE Enterprise Storage 5 (src):    apache2-2.4.23-29.63.1
HPE Helion Openstack 8 (src):    apache2-2.4.23-29.63.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Marcus Meissner 2020-09-11 13:58:03 UTC
done
Comment 13 Swamp Workflow Management 2020-10-28 14:17:29 UTC
SUSE-SU-2020:3067-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1175070,1175071,1178074
CVE References: CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    apache2-2.4.33-3.41.1
SUSE Linux Enterprise Server 15-LTSS (src):    apache2-2.4.33-3.41.1
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    apache2-2.4.33-3.41.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    apache2-2.4.33-3.41.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    apache2-2.4.33-3.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2020-10-31 20:14:08 UTC
openSUSE-SU-2020:1792-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1175070,1175071,1178074
CVE References: CVE-2020-11993,CVE-2020-9490
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    apache2-2.4.33-lp151.8.21.1