CVE-2025-4432

Name of the Vulnerable Software and Affected Versions Rust's Ring package (affected versions not specified) Debian Linux (affected versions not specified)

Description A flaw in Rust's Ring package can trigger a panic when overflow checking is enabled. This issue can be exploited in the QUIC protocol by sending a specially crafted packet, potentially causing the panic to occur unintentionally. The likelihood of this occurrence is estimated to be 1 out of every 2**32 packets sent or received.

Recommendations For Rust's Ring package, consider disabling overflow checking as a temporary workaround until a patch is available. For Debian Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.