Miggo Logo
Miggo Vulnerability Database
CVE-2025-29908

CVE-2025-29908:
Netty QUIC hash collision DoS attack

5.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2025-29908
GHSA ID
GHSA-hqqc-jr88-p6x2
EPSS Score
0.28654%
CWE
CWE-407
Published
3/31/2025
Updated
3/31/2025
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
io.netty.incubator:netty-incubator-codec-quicmaven< 0.0.71.Final0.0.71.Final

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stemmed from using a standard HashMap with ByteBuffer keys for connection management. The hash implementation for ByteBuffer was vulnerable to collision attacks. The patch replaces this with a SipHash-protected ConnectionIdChannelMap. Runtime detection would show:

  1. The QuicheQuicCodec's connectionIdToChannel field operations
  2. HashMap.put/get methods handling colliding keys
  3. High CPU usage in HashMap collision resolution code paths Evidence from the patch shows direct replacement of HashMap with a secure alternative, confirming these were the vulnerable entry points.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in t** *o***. * **s* *ollision vuln*r**ility (in t** **s* m*p us** to m*n*** *onn**tions) *llows r*mot* *tt**k*rs to **us* * *onsi**r**l* *PU lo** on t** s*rv*r (* **s* *oS *tt**k) *y initi*tin* *onn**tions wit* *olli*in* Sour

Reasoning

T** vuln*r**ility st*mm** *rom usin* * st*n**r* **s*M*p wit* *yt**u***r k*ys *or *onn**tion m*n***m*nt. T** **s* impl*m*nt*tion *or *yt**u***r w*s vuln*r**l* to *ollision *tt**ks. T** p*t** r*pl***s t*is wit* * Sip**s*-prot**t** *onn**tionI****nn*lM*