Full Report
A new HTTP/2 denial-of-service (DoS) vulnerability called MadeYouReset was recently disclosed by security researchers. Cloudflare HTTP DDoS mitigation already protects against MadeYouReset.
Analysis Summary
# Vulnerability: MadeYouReset HTTP/2 Denial-of-Service (DoS) Vulnerability
## CVE Details
- **CVE ID:** Not explicitly provided in the context. (Requires external lookup based on "MadeYouReset")
- **CVSS Score:** Not explicitly provided in the context.
- **CWE:** Not explicitly provided in the context. (Likely related to resource exhaustion or improper request handling)
## Affected Systems
- **Products:** HTTP/2 implementations (Specific vendors not listed in context)
- **Versions:** Unknown (General HTTP/2 stack vulnerability implied)
- **Configurations:** Systems processing HTTP/2 traffic.
## Vulnerability Description
The vulnerability, named "MadeYouReset," is a Denial-of-Service (DoS) flaw identified in HTTP/2 protocol implementations. The DoS stems from the ability to send specific, potentially malformed, HTTP/2 requests that could lead to resource exhaustion or unstable behavior on the server side, causing the server to crash or become unresponsive.
## Exploitation
- **Status:** Unclear. The article mentions disclosure, but not widespread exploitation.
- **Complexity:** Unknown.
- **Attack Vector:** Network (via crafted HTTP/2 frames/requests).
## Impact
- **Confidentiality:** Low (Primary impact is availability)
- **Integrity:** Low
- **Availability:** High (DoS attack)
## Remediation
### Patches
- **Specific Patches:** Not provided in the context. Patch availability depends on specific vendor implementations of the HTTP/2 stack (e.g., libraries, web servers).
### Workarounds
- **Primary Mitigation:** **Cloudflare HTTP DDoS mitigation** is explicitly stated to protect against this specific vector.
## Detection
- **Indicators of Compromise (IoCs):** High volume of specially crafted HTTP/2 `RST_STREAM` frames or connection setup/teardown attempts.
- **Detection Methods and Tools:** Monitoring HTTP/2 traffic for abnormally high rates of connection resets or unusual frame sequences. Standard WAF/DDoS mitigation services may already handle this if they inspect the HTTP/2 layer effectively.
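
One way to implement the reset-rate monitoring described above, as an added example that is not part of the original report or of any vendor's tooling. It counts `RST_STREAM` frames (the HTTP/2 stream-reset frame type) per connection in a sliding window; the log line format, the window length and the threshold are assumptions, and the sample log is constructed.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 1.0  # assumed sliding-window length
MAX_RESETS = 5        # assumed per-connection RST_STREAM budget per window


def parse_event(line):
    """Parse 'epoch_seconds conn_id frame_type stream_id' (hypothetical format)."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return float(parts[0]), parts[1], parts[2].upper(), int(parts[3])
    except ValueError:
        return None


def find_reset_bursts(lines, window=WINDOW_SECONDS, max_resets=MAX_RESETS):
    """Return {conn_id: timestamp} of the first moment each connection went over budget."""
    recent = defaultdict(deque)  # conn_id -> timestamps of recent RST_STREAM frames
    flagged = {}
    for line in lines:
        event = parse_event(line)
        if event is None:
            continue  # skip malformed log lines instead of aborting the scan
        ts, conn, frame, _stream = event
        if frame != "RST_STREAM" or conn in flagged:
            continue
        q = recent[conn]
        q.append(ts)
        while q and ts - q[0] > window:  # drop resets that fell out of the window
            q.popleft()
        if len(q) > max_resets:
            flagged[conn] = ts
    return flagged


def build_sample_log():
    """Constructed sample: conn-a cancels occasionally, conn-b resets in a tight burst."""
    lines = ["garbage line"]
    for i in range(4):  # one reset every two seconds
        lines.append(f"{100 + 2 * i:.3f} conn-a HEADERS {2 * i + 1}")
        lines.append(f"{100 + 2 * i + 0.5:.3f} conn-a RST_STREAM {2 * i + 1}")
    for i in range(20):  # twenty resets inside 0.2 seconds
        lines.append(f"{100 + i * 0.01:.3f} conn-b HEADERS {2 * i + 1}")
        lines.append(f"{100 + i * 0.01 + 0.001:.3f} conn-b RST_STREAM {2 * i + 1}")
    return lines


if __name__ == "__main__":
    print(find_reset_bursts(build_sample_log()))
```

The budget should be tuned against normal traffic, since legitimate clients also cancel streams.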