Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HOpenSSL
APPOpenssl4.0.03.4.0 – 3.4.6 (bez)3.5.0 – 3.5.7 (bez)3.6.0 – 3.6.3 (bez)
Powiązane podatności
OpenSSL CMS AuthEnvelopedData — niewystarczająca walidacja wejścia umożliwia atak oracle i bypass integralnośc...
OpenSSL: heap buffer overflow przy konwersji OCTET STRING na hex (32-bit)
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AV...
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt()....
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certif...