On Tuesday, Netflix, working in conjunction with Google and CERT/CC, published a security advisory covering a series of vulnerabilities that enable denial of service attacks against servers running HTTP/2 services. HTTP/2, like earlier versions, governs the application layer of the internet stack; it runs atop the transport layer (TCP), the network layer (IP), and data link layer of the internet.
Read full article on The Register