Miggo Logo
Miggo Vulnerability Database
GHSA-qg5g-gv98-5ffh

GHSA-qg5g-gv98-5ffh:
rustls network-reachable panic in `Acceptor::accept`

N/A

CVSS Score

Basic Information

CVE ID
-
GHSA ID
GHSA-qg5g-gv98-5ffh
EPSS Score
-
CWE
-
Published
11/25/2024
Updated
11/25/2024
KEV Status
No
Technology
TechnologyRust

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
rustlsrust>= 0.23.13, < 0.23.180.23.18

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper handling of fragmented ClientHello messages in the handshake processing pipeline. The call chain starts with Acceptor::accept (user-facing API), progresses through handshake message coalescing in HandshakeDeframer, and fails in buffer management via Coalescer::copy_within. The stack trace shows these functions are directly involved in the panic condition when processing fragmented inputs. The vulnerability specifically affects users of Acceptor::accept as they follow this code path, while other APIs like TlsAcceptor use different processing methods.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *u* intro*u*** in rustls *.**.** l***s to * p*ni* i* t** r***iv** TLS *li*nt**llo is *r**m*nt**. Only s*rv*rs t**t us* `rustls::s*rv*r::****ptor::****pt()` *r* *****t**. S*rv*rs t**t us* `tokio-rustls`'s `L*zy*on*i*****ptor` *PI *r* *****t**. S*

Reasoning

T** vuln*r**ility st*ms *rom improp*r **n*lin* o* *r**m*nt** *li*nt**llo m*ss***s in t** **n*s**k* pro**ssin* pip*lin*. T** **ll ***in st*rts wit* `****ptor::****pt` (us*r-***in* *PI), pro*r*ss*s t*rou** **n*s**k* m*ss*** *o*l*s*in* in `**n*s**k****r