rustls

About this tag
Rustls, the memory-safe TLS library written in Rust, has been found to contain a denial-of-service vulnerability. Under a specific handshake sequence, a blocking rustls server can enter an infinite loop inside rustls::conn::ConnectionCommon::complete_io(), consuming CPU and preventing normal connections. This design flaw affects high-availability systems and requires immediate patching. Operators using rustls in blocking server code should prioritize updates and mitigations to avoid service disruption.
  1. Rustls Handshake DoS Bug: Patch Now to Stop Infinite Loops

    Rustls—the widely used, memory-safe TLS library written in Rust—contains a denial‑of‑service design flaw: under a specific, easily reproducible handshake sequence, a blocking rustls server can enter an infinite loop inside rustls::conn::ConnectionCommon::complete_io(), consuming CPU and...