Описание
A flaw was found in quinn-proto, a pure-Rust implementation of the IETF QUIC transport protocol. A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication.
Отчет
The availability impact of this flaw is limited to specific services on Red Hat systems. Host system availability is not at risk.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Confidential Compute Attestation | build-of-trustee/trustee-rhel9 | Affected | ||
| Confidential Compute Attestation | confidential-compute-attestation-tech-preview/trustee-rhel9 | Affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-monitor-rhel9 | Affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-operator-bundle | Affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-builder-rhel9 | Affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-podvm-payload-rhel9 | Affected | ||
| Confidential Compute Attestation | openshift-sandboxed-containers/osc-rhel9-operator | Affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-operator-bundle | Affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-rhel9-operator | Affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/eventrouter-rhel9 | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication. This vulnerability is fixed in 0.11.14.
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap(), so truncated encodings cause Err(UnexpectedEnd) and panic. This is reachable over the network with a single packet and no prior trust or authentication. This vulnerability is fixed in 0.11.14.
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC ...
Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
EPSS
5.3 Medium
CVSS3