CVE-2026-43974: gun HTTP/1.1 client accepts unsolicited 101 Switching Protocols response allowing server-driven protocol hijack and OOM
Unexpected Status Code or Return Value vulnerability in ninenines gun (gun_http module) allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Protocols response. In gun_http:handle_inform/8, when a 101 Switching Protocols response is received over HTTP/1.1, the function verifies only that the Upgrade header is syntactically valid and that the stream reference is a plain reference(). It does not check whether the client ever sent an Upgrade or Connection: upgrade header on the corresponding request. Because this check is absent, any 101 response (solicited or not) causes gun to dispatch a gun_upgrade message to the caller and transition the entire connection to raw protocol mode. A malicious or compromised HTTP server can send an unsolicited 101 response to any HTTP/1.1 request, causing the gun client to abandon HTTP framing for that connection. Once in raw mode, gun_raw applies no flow control (flow=infinity) and re-arms socket active mode after every received packet, so the server can flood the client with arbitrary bytes. These are forwarded as unbounded gun_data messages to the owner process, exhausting its mailbox and BEAM memory, ultimately crashing the VM. This issue affects gun: from 2.0.0 before 2.4.0.
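The decision described above, modelled in Python as an added example (this is not code from the gun project and does not reproduce gun_http internals; the Request class, ProtocolError, the function names and the sample messages are constructed for the illustration). The vulnerable handler accepts any well-formed 101, exactly as the description says; the fixed handler first requires that the request solicited an upgrade. The fixed handler's extra check that the server switched to a protocol the client offered is an assumption taken from RFC 7230 section 6.7, not something the advisory states about the upstream fix.

```python
"""Model of the 101 Switching Protocols check behind CVE-2026-43974.

Added illustration, not gun code: it restates the decision made in
gun_http:handle_inform/8 in plain Python so the pre-2.4.0 behaviour and a
corrected check can be run side by side. Request, ProtocolError, the
function names and the sample messages are constructed for this example.
"""
from dataclasses import dataclass, field


class ProtocolError(Exception):
    """The response is not one the client's request permits."""


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)

    def tokens(self, name):
        """Comma-separated tokens of a header, lower-cased; names compare case-insensitively."""
        for k, v in self.headers.items():
            if k.lower() == name.lower():
                return {t.strip().lower() for t in v.split(",") if t.strip()}
        return set()

    def solicited_upgrade(self):
        """RFC 7230 section 6.7: an upgrade is requested only when the request
        carries Upgrade together with a Connection header listing 'upgrade'."""
        return bool(self.tokens("upgrade")) and "upgrade" in self.tokens("connection")


def parse_response_head(raw):
    """Split a raw HTTP/1.1 response into (status code, header dict, body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *lines = head.decode("latin-1").split("\r\n")
    code = int(status_line.split(" ", 2)[1])
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return code, headers, body


def valid_upgrade_token(value):
    """The only check the vulnerable path performed: the Upgrade value is a
    well-formed protocol token (token characters, optionally with /version)."""
    return value != "" and all(c.isalnum() or c in "-._/" for c in value)


def handle_response_vulnerable(req, raw):
    """Pre-2.4.0 behaviour: any syntactically valid 101 switches the
    connection to raw mode, whether or not the request asked for an upgrade."""
    code, headers, body = parse_response_head(raw)
    if code == 101:
        if not valid_upgrade_token(headers.get("upgrade", "")):
            raise ProtocolError("101 without a valid Upgrade header")
        # gun_upgrade is dispatched here and HTTP framing is abandoned; every
        # byte the server sends from now on (body) is forwarded as gun_data
        # with no flow control.
        return "raw", body
    return "http", body


def handle_response_fixed(req, raw):
    """Corrected check: a 101 is accepted only for a request that solicited it.
    The 'offered protocol' check is an assumption based on RFC 7230 section
    6.7 and goes beyond what the advisory describes."""
    code, headers, body = parse_response_head(raw)
    if code == 101:
        if not valid_upgrade_token(headers.get("upgrade", "")):
            raise ProtocolError("101 without a valid Upgrade header")
        if not req.solicited_upgrade():
            raise ProtocolError("unsolicited 101 Switching Protocols")
        if headers["upgrade"].lower() not in req.tokens("upgrade"):
            raise ProtocolError("server switched to a protocol the client did not offer")
        return "raw", body
    return "http", body


def outcome(handler, req, raw):
    """Run a handler and fold the result into one word: raw, http or rejected."""
    try:
        return handler(req, raw)[0]
    except ProtocolError:
        return "rejected"


# Constructed sample traffic. The 64 'A' bytes after the 101 head stand in for
# the attacker's flood that follows once framing is abandoned.
PLAIN_GET = Request("GET", "/api/health", {"Host": "backend.internal"})
WS_GET = Request("GET", "/socket", {"Host": "backend.internal",
                                    "Connection": "Upgrade", "Upgrade": "websocket"})
UNSOLICITED_101 = (b"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n"
                   b"Connection: Upgrade\r\n\r\n" + b"A" * 64)
OK_200 = b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nok"

if __name__ == "__main__":
    for name, req in (("plain GET", PLAIN_GET), ("WebSocket GET", WS_GET)):
        print(f"{name:14} vulnerable={outcome(handle_response_vulnerable, req, UNSOLICITED_101):9}"
              f" fixed={outcome(handle_response_fixed, req, UNSOLICITED_101)}")
```

Running the block shows the asymmetry the advisory describes: the plain GET is flipped to raw mode by the vulnerable handler and rejected by the fixed one, while a request that actually asked for a WebSocket upgrade is accepted by both. The trailing bytes returned in raw mode are the data that, in gun, would be forwarded to the owner process as unbounded gun_data messages.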
Metrics
- CVSS v4.0: 8.7
- Severity: HIGH
- Fixed in: 2.4.0
- Affected Products: 2
HarborGuard Analysis
Synopsis
An unexpected-status-code vulnerability in the ninenines gun HTTP/1.1 client (the gun_http module) allows a malicious or compromised HTTP server to hijack the connection's protocol state without any client-side request for an upgrade. The flaw is reachable over the network with no authentication required: the client simply connects to a server that answers an ordinary HTTP/1.1 request with an unsolicited 101 Switching Protocols message. Successful exploitation transitions the connection into raw mode with no flow control, enabling the server to flood the owner process with arbitrary data, exhaust BEAM VM memory and crash the VM. A patched-image rebuild at version 2.4.0 is available on HarborGuard for environments running an affected version.
HarborGuard Coverage
Detection of CVE-2026-43974 is available across every HarborGuard environment: the CVE is ingested from upstream advisory feeds within minutes of publication and matched against all container images in customer registries and CI/CD pipelines, including custom-built images that vendor or bundle the gun library. Any image layer containing a gun release from 2.0.0 up to, but not including, 2.4.0 is flagged automatically.
HarborGuard scores this CVE at CVSS v4.0 8.7 (HIGH) and surfaces it through per-environment compliance policy weighting, so teams with stricter availability-impact thresholds see it elevated in priority. Triage results are routed to the inbox or ticketing integration configured for each customer organization, ensuring the right team sees the finding without manual triage overhead.
A patched-image rebuild at gun 2.4.0 (commit 5b48068c29ce5e112cb149b5857c7d4dc319a81b) becomes available on HarborGuard as soon as the upstream fix is confirmed for an affected image. For customers who opt into auto-remediation, HarborGuard triggers a rebuild, runs a regression test suite against the updated image, and opens a pull request against affected workloads automatically.
Exploit Conditions
- Network reachability: Required
The attacker must control an HTTP server that the gun client connects to over HTTP/1.1; the malicious 101 response is delivered over that same TCP connection. The vulnerable path is the HTTP/1.1 handler (gun_http), so the description scopes the issue to HTTP/1.1 connections. For plaintext HTTP, an on-path attacker able to inject into the connection is in the same position as a malicious server.
- Authentication: Not required
No credentials or session token are needed; the attack is mounted entirely by the server side of a normal HTTP connection.
- Victim interaction: Not required
No user or operator action is required beyond the application making an ordinary HTTP/1.1 request to the malicious server.
- Attack complexity: Low
Exploitation is reliable and needs no special conditions: the server only has to answer any request with a 101 response carrying a syntactically valid Upgrade header, then keep sending bytes. There are no race conditions or memory-layout requirements.
Blast Radius
- The gun client process is forced into raw protocol mode, permanently abandoning HTTP framing for the affected connection.
- The server floods the client with arbitrary bytes that are forwarded as unbounded gun_data messages, exhausting the BEAM process mailbox.
- Uncontrolled memory growth from the message queue overload crashes the BEAM VM, taking down every process sharing that runtime instance.
- Any service or workload whose availability depends on the affected Erlang node becomes unavailable for the duration of the crash.
How HarborGuard Handles This
Available on HarborGuard: images containing gun from 2.0.0 up to, but not including, 2.4.0 are flagged at ingestion time, scored at CVSS v4.0 8.7 HIGH, and queued for a patched rebuild targeting gun 2.4.0. For customers who have auto-remediation enabled, HarborGuard can produce a rebuilt image, execute a regression test run, and open a pull request against affected workloads; median time from CVE publication to merged patch PR for HIGH-severity issues is around 90 minutes in environments with auto-remediation enabled. Where compliance policy does not permit automated remediation, the finding is surfaced in the customer dashboard with pinned remediation guidance noting the exact fix version and commit hash (5b48068c29ce5e112cb149b5857c7d4dc319a81b). As a compensating control while a rebuild is in progress, teams can apply network policy to restrict the set of HTTP servers the gun client is permitted to reach. This limits exposure to unexpected or attacker-chosen hosts but does not protect against a compromised server on the allow list, because the client has no way to refuse the 101 until it is upgraded.
Affected Products
- ninenines / gun: < 2.4.0 (from 2.0.0)
- ninenines / gun (git): < 5b48068c29ce5e112cb149b5857c7d4dc319a81b (from a3c2edbb8c807717e2f10520c6cf1e77a62eab2e)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N