CVE-2024-45311
HIGH7.5EPSS 0.58%`Endpoint::retry()` calls can lead to panicking
發布日:2024/9/3修改日:2024/9/8
描述
In 0.11.0, we overhauled the server-side `Endpoint` implementation to enable more careful handling of incoming connection attempts. However, some of the code paths that cleaned up state after connection attempts were processed confused the initial destination connection ID with the destination connection ID of a substantial package. This resulted in the internal `Endpoint` state becoming inconsistent, which could then lead to a panic. https://github.com/quinn-rs/quinn/commit/e01609ccd8738bd438d86fa7185a0f85598cb58f Thanks to [@finbear](https://github.com/finnbear) for reporting and investingating, and to [@BiagoFesta](https://github.com/BiagoFesta) for coordinating.
受影響套件(2)
- crates.io/quinn-proto>= 0.11.0, < 0.11.7
- crates.io/quinn-proto>= 0.11.0, < 0.11.7
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
參考連結(7)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-45311
- PATCHhttps://crates.io/crates/quinn-proto
- PATCHhttps://github.com/quinn-rs/quinn
- WEBhttps://github.com/quinn-rs/quinn/blob/bb02a12a8435a7732a1d762783eeacbb7e50418e/quinn-proto/src/endpoint.rs#L213
- WEBhttps://github.com/quinn-rs/quinn/commit/e01609ccd8738bd438d86fa7185a0f85598cb58f
- WEBhttps://github.com/quinn-rs/quinn/security/advisories/GHSA-vr26-jcq5-fjj8
- WEBhttps://rustsec.org/advisories/RUSTSEC-2024-0373.html