AIKIDO-2025-10141

ring is vulnerable to Denial of Service (DoS)

Denial of Service (DoS) Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Mar 8, 2025

20

Low Risk

This Affects:

RUST ring
0.17.9 - 0.17.11
Fixed in 0.17.12

TL;DR

Affected versions of this package may panic due to overflow checking when using ring::aead::quic::HeaderProtectionKey::new_mask(). In the QUIC protocol, an attacker can trigger this panic by sending a specially crafted packet. Even without malicious intent, this issue is likely to occur in approximately 1 out of every 2³² packets sent or received.

Additionally, on 64-bit targets, operations using ring::aead::{AES_128_GCM, AES_256_GCM} may panic when overflow checking is enabled if a single encryption or decryption operation processes around 64GB of data in one chunk. Protocols like TLS and SSH are unaffected since they break large data into smaller chunks. Most applications also do not handle such large amounts of data in a single operation.

By default, overflow checking is disabled in release mode but can be enabled using RUSTFLAGS="-C overflow-checks" or overflow-checks = true in Cargo.toml. In debug mode, overflow checking is usually enabled by default.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range and overflow checking is enabled.
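Both conditions can be checked from a project's own files. The sketch below is an added example, not code from ring or from this advisory's publisher: it scans Cargo.lock text for a ring version in 0.17.9 - 0.17.11 and works out whether overflow checking is on for a given profile. The function names and sample inputs are constructed for illustration, and treating any enabling RUSTFLAGS value as "on" is a conservative assumption.

```rust
// Constructed sample inputs (not from a real project).
const LOCK: &str = "[[package]]\nname = \"ring\"\nversion = \"0.17.10\"\n\n[[package]]\nname = \"rustls\"\nversion = \"0.23.0\"\n";
const MANIFEST: &str = "[package]\nname = \"demo\"\n\n[profile.release]\noverflow-checks = true\n";

fn parse_ver(v: &str) -> Option<(u64, u64, u64)> {
    let mut it = v.split('.').map(|p| p.parse::<u64>().ok());
    Some((it.next()??, it.next()??, it.next()??))
}

/// Every `ring` version in the Cargo.lock text that falls in 0.17.9..=0.17.11.
fn vulnerable_ring_versions(lock: &str) -> Vec<String> {
    let (mut out, mut in_ring) = (Vec::new(), false);
    for line in lock.lines().map(str::trim) {
        if line.starts_with("name = ") {
            in_ring = line == "name = \"ring\"";
        } else if let Some(v) = line.strip_prefix("version = \"").and_then(|s| s.strip_suffix('"')) {
            if in_ring && matches!(parse_ver(v), Some(t) if t >= (0, 17, 9) && t <= (0, 17, 11)) {
                out.push(v.to_string());
            }
        }
    }
    out
}

/// Overflow checking for a profile ("dev" or "release"): Cargo's default, then an
/// explicit Cargo.toml setting; an enabling RUSTFLAGS value always counts as on.
fn overflow_checks_on(manifest: &str, profile: &str, rustflags: &str) -> bool {
    let mut on = profile == "dev"; // on by default in debug builds, off in release
    let header = format!("[profile.{}]", profile);
    let mut in_profile = false;
    for line in manifest.lines().map(str::trim) {
        if line.starts_with('[') {
            in_profile = line == header;
        } else if let (true, Some(val)) = (in_profile, line.strip_prefix("overflow-checks")) {
            on = val.trim_start_matches(|c: char| c == ' ' || c == '=').starts_with("true");
        }
    }
    // "-C overflow-checks" and "-Coverflow-checks" both enable; "=n", "=no", "=off", "=false" disable.
    let f = rustflags.replace(' ', "");
    let off = ["=n", "=off", "=false"].iter().any(|s| f.contains(&format!("overflow-checks{}", s)));
    on || (f.contains("-Coverflow-checks") && !off)
}

fn main() {
    let hits = vulnerable_ring_versions(LOCK);
    println!("ring in range: {:?}, release checks on: {}", hits, overflow_checks_on(MANIFEST, "release", ""));
}
```

A project is exposed only when the first function returns a non-empty list and the second returns true for the profile that is actually deployed.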

Background info

ring is vulnerable to Denial of Service (DoS) in versions 0.17.9 - 0.17.11.

How to fix this

Upgrade the ring library to the patched version (0.17.12) or turn off overflow checking.