RUSTSEC-2026-0185

Remote memory exhaustion in quinn-proto from unbounded out-of-order stream reassembly

Package: quinn-proto (crates.io)
Type: Vulnerability
Keywords: #oom
CVSS Score: 7.5 HIGH

CVSS Details
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Patched
  • >=0.11.15

Description

The Assembler component, which assembles unordered stream fragments into consecutive chunks of the stream, incurs some overhead for every non-contiguous fragment it holds. Readers that consume a RecvStream in order (for example through its AsyncRead impl) are therefore sensitive to peers that send fragments while withholding earlier parts of the stream, and in particular to fragments with many gaps between them, since these cannot be defragmented until the missing data arrives. In such a scenario the receiving connection accumulates high buffer overhead, enabling memory exhaustion.
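As an added illustration, not quinn-proto's own code, the following toy in-order reassembler charges every non-contiguous fragment (payload plus an assumed fixed bookkeeping cost) against a cap, so a peer withholding earlier data cannot make buffered state grow without bound; the overhead constant, the cap and the sparse-fragment scenario are all assumed values constructed for the example.

```rust
use std::collections::BTreeMap;
const PER_FRAGMENT_OVERHEAD: usize = 64; // assumed bookkeeping cost, illustrative only
/// Toy in-order reassembler (not quinn-proto's Assembler) that charges every
/// non-contiguous fragment against a cap instead of buffering without bound.
pub struct BoundedAssembler {
    next_offset: u64,                // everything below this has been delivered
    pending: BTreeMap<u64, Vec<u8>>, // out-of-order fragments keyed by offset
    buffered: usize,                 // payload plus overhead currently held
    max_buffered: usize,
}
impl BoundedAssembler {
    pub fn new(max_buffered: usize) -> Self {
        Self { next_offset: 0, pending: BTreeMap::new(), buffered: 0, max_buffered }
    }
    /// Err(bytes held) means the cap would be exceeded; a real receiver should
    /// close the connection rather than grow. Overlapping fragments are not modelled.
    pub fn insert(&mut self, offset: u64, data: &[u8]) -> Result<(), usize> {
        let end = offset + data.len() as u64;
        if end <= self.next_offset { return Ok(()); } // already delivered
        if offset > self.next_offset {
            let cost = data.len() + PER_FRAGMENT_OVERHEAD;
            if self.buffered + cost > self.max_buffered { return Err(self.buffered); }
            self.pending.insert(offset, data.to_vec());
            self.buffered += cost;
            return Ok(());
        }
        self.next_offset = end; // contiguous: advance, then drain what now fits
        loop {
            let off = match self.pending.keys().next() {
                Some(&o) if o <= self.next_offset => o,
                _ => break,
            };
            let buf = self.pending.remove(&off).unwrap();
            self.buffered -= buf.len() + PER_FRAGMENT_OVERHEAD;
            self.next_offset = self.next_offset.max(off + buf.len() as u64);
        }
        Ok(())
    }
    pub fn buffered(&self) -> usize { self.buffered }
    pub fn pending_count(&self) -> usize { self.pending.len() }
}
/// Constructed scenario: one-byte fragments at even offsets, none contiguous with
/// offset 0. Returns (fragments accepted before the cap, bytes held at that point).
pub fn sparse_until_cap(max_buffered: usize) -> (usize, usize) {
    let mut a = BoundedAssembler::new(max_buffered);
    let mut accepted = 0usize;
    while a.insert((accepted as u64 + 1) * 2, &[0]).is_ok() { accepted += 1; }
    (accepted, a.buffered())
}
```

Each sparse one-byte fragment costs 65 units here, so the held state stops at the cap rather than tracking the number of fragments the peer chooses to send.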

Advisory available under CC0-1.0 license.