A vulnerability was found in Apache httpd, in mod_http2. Under certain circumstances, HTTP/2 early pushes could lead to memory corruption, causing a server to crash.
This flaw is only exploitable if Apache httpd is configured to respond to HTTP/2 requests, which is done by including "h2" or "h2c" in the "Protocols" list in a configuration file. The following command can be used to search for possible vulnerable configurations:
grep -R '^\s*Protocols\>.*\<h2\>' /etc/httpd/
See <https://httpd.apache.org/docs/2.4/mod/mod_http2.html>