Launchpad CVE tracker

CVE 2022-41723

A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.

Related bugs and status

CVE-2022-41723 (Candidate) is related to these bugs:

Bug #2007220: Sync golang-1.19 1.19.6-1 (main) from Debian unstable (main)

Summary				In	Importance	Status
	2007220	Sync golang-1.19 1.19.6-1 (main) from Debian unstable (main)		golang-1.19 (Ubuntu)	Undecided	Fix Released

Bug #2018272: [SRU] Update and backport google-guest-agent to 20230426.00

		In	Importance	Status
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu)	Undecided	Fix Released
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu Lunar)	Undecided	Fix Committed
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu Kinetic)	Undecided	Fix Released
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu Jammy)	Undecided	Fix Released
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu Focal)	Undecided	Fix Released
2018272	[SRU] Update and backport google-guest-agent to 20230426.00	google-guest-agent (Ubuntu Bionic)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2022-41723

References