In the master branch 53a0d97, DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops.
This vulnerability can be reproduced by sending packets that complete two handshakes in sequence. The epoch number used in the first handshake is larger than the one used in the second handshake; nevertheless, the server still allows both handshakes to complete. The following shows the packets captured by Wireshark.
![epoch](https://user-images.githubusercontent.com/10736214/136696349-005c2b84-0351-44de-af83-f5b8b93b575d.png)
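The following is an added example, not code from the project this report concerns, showing the receiver-side check a DTLS server needs in order not to fall for this: it parses the 13-byte DTLS record header (RFC 6347), tracks the expected epoch, only moves the epoch forward by exactly one when a ChangeCipherSpec is processed, and drops any record whose epoch is not the current one. The record contents, epoch values and the `run_scenario` flight are constructed for illustration; a real implementation would additionally tie the ChangeCipherSpec to the handshake state machine and use a sliding replay window rather than the single highest-sequence check used here.

```python
import struct

# DTLS 1.2 record header layout (RFC 6347, section 4.1): 13 bytes.
#   ContentType(1) | ProtocolVersion(2) | epoch(2) | sequence_number(6) | length(2)
_HDR = struct.Struct("!BHH6sH")
HDR_LEN = _HDR.size  # 13

CONTENT_CHANGE_CIPHER_SPEC = 20
CONTENT_HANDSHAKE = 22
CONTENT_APPLICATION_DATA = 23


def parse_record(data):
    """Split one DTLS record into header fields and body; return None if truncated."""
    if len(data) < HDR_LEN:
        return None
    ctype, version, epoch, seq_bytes, length = _HDR.unpack_from(data)
    if len(data) < HDR_LEN + length:
        return None
    return {
        "type": ctype,
        "version": version,
        "epoch": epoch,
        "seq": int.from_bytes(seq_bytes, "big"),
        "body": data[HDR_LEN:HDR_LEN + length],
    }


def build_record(ctype, epoch, seq, body, version=0xFEFD):
    """Constructed test helper: serialize one record (0xFEFD is the DTLS 1.2 version)."""
    return _HDR.pack(ctype, version, epoch, seq.to_bytes(6, "big"), len(body)) + body


class EpochState:
    """Minimal receiver-side epoch/sequence gate for a DTLS server (hypothetical).

    The epoch starts at 0 and is incremented by exactly one when a
    ChangeCipherSpec is processed, so a peer cannot jump to an arbitrary
    epoch. Records carrying any other epoch are dropped. Within the current
    epoch the sequence number must be strictly increasing (a simplified
    anti-replay check; RFC 6347 recommends a sliding window).
    """

    def __init__(self):
        self.epoch = 0
        self.highest_seq = -1
        self.log = []  # human-readable verdicts, useful for detection/debugging

    def _drop(self, reason, rec):
        self.log.append(f"drop epoch={rec['epoch']} seq={rec['seq']}: {reason}")
        return False

    def receive(self, data):
        """Return True if the record is accepted, False if it is dropped."""
        rec = parse_record(data)
        if rec is None:
            self.log.append("drop: truncated record")
            return False
        if rec["epoch"] != self.epoch:
            return self._drop(f"expected epoch {self.epoch}", rec)
        if rec["seq"] <= self.highest_seq:
            return self._drop("replayed or out-of-order sequence number", rec)
        self.highest_seq = rec["seq"]
        if rec["type"] == CONTENT_CHANGE_CIPHER_SPEC:
            # A new epoch begins; sequence numbers restart at 0 in it.
            self.epoch += 1
            self.highest_seq = -1
        self.log.append(f"accept epoch={rec['epoch']} seq={rec['seq']}")
        return True


def run_scenario():
    """Replay the shape of the report: records claiming a large epoch first,
    then a flight at the expected epoch. Returns (per-record verdicts, state)."""
    state = EpochState()
    packets = [
        # Constructed: records that claim epoch 7 before any ChangeCipherSpec.
        build_record(CONTENT_HANDSHAKE, 7, 0, b"ClientHello(constructed)"),
        build_record(CONTENT_CHANGE_CIPHER_SPEC, 7, 1, b"\x01"),
        build_record(CONTENT_HANDSHAKE, 8, 0, b"Finished(constructed)"),
        # Constructed: a well-formed flight starting at the expected epoch 0.
        build_record(CONTENT_HANDSHAKE, 0, 0, b"ClientHello(constructed)"),
        build_record(CONTENT_CHANGE_CIPHER_SPEC, 0, 1, b"\x01"),
        build_record(CONTENT_HANDSHAKE, 1, 0, b"Finished(constructed)"),
        build_record(CONTENT_APPLICATION_DATA, 1, 1, b"hello"),
        # Constructed: exact replay of the previous record, must be dropped.
        build_record(CONTENT_APPLICATION_DATA, 1, 1, b"hello"),
    ]
    verdicts = [state.receive(p) for p in packets]
    return verdicts, state


if __name__ == "__main__":
    verdicts, state = run_scenario()
    for line in state.log:
        print(line)
    # verdicts -> [False, False, False, True, True, True, True, False]
```

The first three records are rejected because the server's expected epoch is still 0, so the large epoch never becomes the session's state and the later, correctly numbered flight is not dropped as a false positive. Logging each drop with its reason gives a detection hook: a burst of "expected epoch" drops from one peer is the signature of this kind of probing.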