CVE-2025-4821

Name of the Vulnerable Software and Affected Versions quiche versions prior to 0.24.4

Description The issue is related to incorrect congestion window growth, which could cause quiche to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit this by completing a handshake, initiating a congestion-controlled data transfer, and manipulating the victim's congestion control state by sending ACK frames covering a large range of packet numbers, as described in RFC 9000 Section 19.3. This could lead to the congestion window growing beyond typical expectations, allowing more bytes in flight than the path might really support, and potentially causing an overflow panic.

Recommendations For versions prior to 0.24.4, update to quiche version 0.24.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of congestion-controlled data transfers to minimize the risk of exploitation. Avoid using the ACK frames to manipulate the congestion control state until the issue is resolved.