HIGH 7.5 NuGet
Remote Denial of Service Vulnerability in Microsoft QUIC
GHSA-2x7m-gf85-3745
Published ยท Modified
Description
Impact
The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service.
Patches
The following patch was made:
- Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9
Workarounds
Beyond upgrading to the patched versions, there is no other workaround.
MSRC CVE Info
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190
References
- WEB https://github.com/microsoft/msquic/security/advisories/GHSA-2x7m-gf85-3745
- WEB https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9
- WEB https://github.com/microsoft/msquic/commit/933f7b79949bc588945672396d70b661143bb8f0
- PACKAGE https://github.com/microsoft/msquic
- WEB https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190
Ready to move
Start Securing
Free, no credit card | First findings in minutes