A newly disclosed vulnerability in the HTTP/2 protocol can trigger severe denial-of-service conditions on five of the most widely deployed web server and proxy platforms — all without requiring any custom configuration or operator misstep. Tests show that a single client can force an affected server to consume approximately 32 GB of memory in as little as 20 seconds.

The flaw has been codenamed HTTP/2 Bomb by Calif, and according to The Hacker News it affects NGINX, Apache HTTPD, Microsoft Internet Information Services (IIS), Envoy, and Cloudflare's Pingora proxy in their default settings. The vulnerable behaviour is baked into the way these platforms implement HTTP/2 out of the box.

Exploiting HPACK and flow control

The attack abuses two core HTTP/2 mechanisms: HPACK header compression and flow control. HPACK reduces overhead by compressing request and response headers, while the protocol's flow control windows regulate the rate of data transfer between client and server. Manipulated in tandem, the two can force a server to allocate and hold enormous amounts of memory per connection.
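To make concrete what "holding memory per connection" means for the two mechanisms named above, here is an added illustration written for this article; it is not code from Calif, from the disclosure, or from any of the servers named, and it does not reproduce the reported attack. It models the two per-connection state stores an HTTP/2 endpoint keeps and the bounds a defensive implementation places on each: the HPACK dynamic table, whose size accounting (name length + value length + 32 bytes per entry) and size-update rule come from RFC 7541, and a send queue for data the server must hold while the peer withholds flow-control credit, capped by an assumed connection-wide byte limit that is a design choice here rather than any vendor's fix. The stress functions feed constructed input and return the resulting memory figures so the bounds can be checked.

```python
"""Bounding the two per-connection HTTP/2 state stores named in the article:
the HPACK dynamic table and data waiting on flow-control credit.

Added illustration, not code from Calif or from any server the article names.
Table accounting follows RFC 7541 (entry size = name + value + 32); the
send-queue cap is an assumed design, not a specific vendor's mitigation.
"""
from collections import deque

ENTRY_OVERHEAD = 32  # RFC 7541 s4.1: fixed per-entry overhead


class HpackTableError(Exception):
    """Peer tried to grow the dynamic table past what we advertised."""


class DynamicTable:
    """HPACK dynamic table with the size rules of RFC 7541 section 4."""

    def __init__(self, advertised_max: int):
        # advertised_max is our SETTINGS_HEADER_TABLE_SIZE; the peer may lower
        # the effective limit with a size update but never raise it above this
        self.advertised_max = advertised_max
        self.limit = advertised_max
        self.used = 0
        self.entries = deque()  # newest first (RFC 7541 s2.3.2)

    @staticmethod
    def entry_size(name: bytes, value: bytes) -> int:
        return len(name) + len(value) + ENTRY_OVERHEAD

    def update_size(self, new_limit: int) -> None:
        """Dynamic Table Size Update (RFC 7541 s6.3): a value above the
        advertised maximum is a decoding error, so it is refused."""
        if new_limit > self.advertised_max:
            raise HpackTableError(
                f"peer asked for {new_limit} > advertised {self.advertised_max}")
        self.limit = new_limit
        self._evict()

    def add(self, name: bytes, value: bytes) -> None:
        """Insert a literal header with incremental indexing (RFC 7541 s4.4)."""
        size = self.entry_size(name, value)
        if size > self.limit:
            # an oversized entry empties the table instead of growing it
            self.entries.clear()
            self.used = 0
            return
        self.entries.appendleft((name, value))
        self.used += size
        self._evict()

    def _evict(self) -> None:
        # drop the oldest entries until within limit: this is what keeps table
        # memory bounded no matter how many headers a peer sends
        while self.used > self.limit:
            name, value = self.entries.pop()
            self.used -= self.entry_size(name, value)


def size_update_allowed(table: DynamicTable, requested: int) -> bool:
    """True if the peer's size update was accepted, False if refused."""
    try:
        table.update_size(requested)
        return True
    except HpackTableError:
        return False


class SendQueue:
    """Data a server must hold until the peer grants flow-control credit.
    Assumed design: one connection-wide byte cap shared by all streams."""

    def __init__(self, max_buffered: int):
        self.max_buffered = max_buffered
        self.buffered = 0
        self.pending = {}  # stream_id -> bytes awaiting WINDOW_UPDATE

    def queue(self, stream_id: int, data: bytes) -> bool:
        """Refuse (return False so the caller can reset the stream or close
        the connection) rather than buffer past the cap."""
        if self.buffered + len(data) > self.max_buffered:
            return False
        self.pending[stream_id] = self.pending.get(stream_id, b"") + data
        self.buffered += len(data)
        return True

    def window_update(self, stream_id: int, credit: int) -> bytes:
        """Release up to `credit` bytes of one stream's pending data."""
        data = self.pending.get(stream_id, b"")
        out, rest = data[:credit], data[credit:]
        self.pending[stream_id] = rest
        self.buffered -= len(out)
        return out


def stress_table(advertised_max: int, header_count: int) -> int:
    """Constructed input: a peer sends many distinct indexed literal headers.
    Returns the table's memory use, which never exceeds advertised_max."""
    table = DynamicTable(advertised_max)
    for i in range(header_count):
        table.add(b"x-constructed-%d" % i, b"v" * 100)
    return table.used


def stress_queue(max_buffered: int, streams: int, per_stream: int) -> int:
    """Constructed input: a peer opens streams and never sends WINDOW_UPDATE.
    Returns how many streams got data buffered before the cap refused more."""
    q = SendQueue(max_buffered)
    accepted = 0
    for sid in range(1, 2 * streams, 2):  # client-initiated stream ids are odd
        if q.queue(sid, b"\0" * per_stream):
            accepted += 1
    return accepted
```

The useful observation is in the two stress functions: with the table capped at the advertised 4096 bytes, ten thousand indexed headers leave the table holding 27 entries (4050 bytes), and with a one-megabyte send cap a client that never grants credit gets 61 streams' worth of 16 KiB data buffered before the server starts refusing. The per-connection figure is then the cap multiplied by the number of connections an unauthenticated client may open, which is why the rate limiting the article later recommends pairs with these bounds rather than replacing them.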

What makes this vulnerability particularly concerning is its scope. Unlike flaws that require unusual or insecure settings to be exploited, the HTTP/2 Bomb targets behaviour present in the default configuration of each affected platform. Any operator running a standard deployment of NGINX, Apache, IIS, Envoy, or Cloudflare Pingora with HTTP/2 enabled is potentially exposed.

The affected software collectively underpins a vast portion of the internet's infrastructure, from enterprise data centres to cloud-native microservice architectures. Organisations relying on these servers for mission-critical workloads face the prospect of service disruption if the flaw is exploited before mitigations or patches are widely deployed.

AI-assisted vulnerability discovery

According to Calif, the vulnerability was discovered using OpenAI Codex, which identified the flaw by chaining together specific protocol behaviours that individually appear benign but combine into an exploitable condition.

This AI-assisted approach to vulnerability research represents a notable development in security tooling. While AI systems have been used for code review and fuzzing in recent years, the use of a language model to reason through protocol-level interactions and identify novel attack chains signals a maturing capability. Such tools could dramatically accelerate the pace at which complex protocol flaws are discovered — for both defenders and attackers.

A recurring pattern in HTTP/2

The HTTP/2 Bomb disclosure follows a well-established pattern of security issues emerging from the protocol's complexity. In 2023, the HTTP/2 Rapid Reset attack (CVE-2023-44487) demonstrated how abusing stream multiplexing could overwhelm servers at massive scale, leading to some of the largest distributed denial-of-service events ever recorded at the time.

HTTP/2 was designed to improve performance over HTTP/1.1 through features like multiplexed streams, header compression, and server push. However, the protocol's stateful nature and the multiple ways clients and servers can interact have repeatedly proven to be fertile ground for security researchers. Each new class of vulnerability underscores that protocol maturity does not necessarily equate to resilience against novel attack vectors.

What organisations should do

As of the time of disclosure, detailed proof-of-concept code has not been made publicly available, giving vendors a critical window to develop and distribute patches. Administrators running any of the five affected platforms should monitor their respective vendor advisories closely — F5 for NGINX, the Apache Software Foundation for Apache HTTPD, Microsoft for IIS, the Cloud Native Computing Foundation for Envoy, and Cloudflare for Pingora.

In the interim, organisations may consider restricting HTTP/2 exposure to trusted networks, implementing rate limiting, or temporarily disabling HTTP/2 in favour of HTTP/1.1 for externally facing services — though these are blunt mitigations that carry notable performance trade-offs.

The discovery serves as another reminder that even foundational internet protocols require continuous scrutiny, and that emerging AI tools are poised to play an increasingly significant role in how vulnerabilities are found and disclosed.
