Rewterz Threat Advisory – CVE-2022-26878 – Linux Kernel VirtIO Bluetooth driver Vulnerability
March 14, 2022Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
March 14, 2022Rewterz Threat Advisory – CVE-2022-26878 – Linux Kernel VirtIO Bluetooth driver Vulnerability
March 14, 2022Rewterz Threat Alert – Raccoon Infostealer – Active IOCs
March 14, 2022Severity
High
Analysis Summary
CVE-2022-0618
Apple SwiftNIO HTTP/2 is vulnerable to a denial of service, caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame. By sending a specially-crafted HTTP/2 frame, a remote attacker could exploit this vulnerability to cause the entire process to crash.
Impact
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2022-0618
Affected Vendors
- Apple
Affected Products
- Apple SwiftNIO HTTP/2 1.0.0
- Apple SwiftNIO HTTP/2 1.19.0
Remediation
Upgrade to the latest version of SwiftNIO HTTP/2, available from the swift-nio-http2 GIT Repository.