In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-02-09T00:00:00

Updated: 2024-08-01T23:52:04.898Z

Reserved: 2024-02-09T00:00:00

Link: CVE-2024-25679

cve-icon Vulnrichment

Updated: 2024-07-05T15:20:36.811Z

cve-icon NVD

Status : Modified

Published: 2024-02-09T10:15:08.740

Modified: 2024-11-21T09:01:13.083

Link: CVE-2024-25679

cve-icon Redhat

No data.