Name of the Vulnerable Software and Affected Versions s2n-quic versions <=v1.24.0

Description The issue in s2n-quic causes the endpoint to shut down due to a combination of peer-initiated connection migration and duplicate new connection ID frames being received. No AWS services are affected, and customers of AWS services do not need to take action.

Recommendations For s2n-quic versions <=v1.24.0, upgrade the application to the most recent release of s2n-quic, specifically to version v1.25.0 or later, as it includes the patch for this issue.