Neocturne

**Name of the Vulnerable Software and Affected Versions** fastd versions prior to v23 **Description** fastd is a VPN daemon that tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd initiates a reconnect by sending a handshake packet. This "fast reconnect" avoids waiting for a session timeout until a new connection is established. Even a small UDP packet can trigger a larger handshake packet, resulting in a roughly 12-13 amplification factor. This amplification of UDP traffic could be used to facilitate a Distributed Denial of Service attack by sending data packets with a spoofed source address to fastd instances reachable on the internet. **Recommendations** For fastd versions prior to v23, update to version v23 or later to resolve the issue. As a temporary workaround, consider restricting access to fastd instances to minimize the risk of exploitation. Avoid exposing fastd instances to the internet without proper security measures in place.

**Name of the Vulnerable Software and Affected Versions** ecdsautils versions prior to 0.4.1 **Description** The issue is related to the `ecdsa verify [prepare ]legacy()` function, which does not check whether the signature values `r` and `s` are non-zero. This allows for trivial signature forgery, as a signature consisting only of zeroes is always considered valid. Requiring multiple signatures from different public keys does not mitigate the issue, as `ecdsa verify list legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. **Recommendations** For versions prior to 0.4.1, update to version 0.4.1 or later to resolve the issue. As a temporary workaround, consider disabling the `ecdsa verify [prepare ]legacy()` function until a patch is available. Restrict access to the `ecdsautil verify` CLI command and the libecdsautil library to minimize the risk of exploitation. Avoid using the `ecdsa verify list legacy()` function with multiple signatures from different public keys until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** fastd versions prior to 21 **Description** The issue allows for denial of service through an assertion failure when receiving packets with an invalid type code. **Recommendations** For versions prior to 21, update to version 21 or later to resolve the issue.