Description

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating a congestion-controlled data transfer towards itself. Then, it could manipulate the victim's congestion control state by sending ACK frames exercising an opportunistic ACK attack; see RFC 9000 Section 21.4. The victim could grow the congestion window beyond typical expectations and allow more bytes in flight than the path might really support. Patches quiche 0.24.4 is the earliest version containing the fix for this issue.

INFO

Published Date :

2025-06-18T15:45:49.994Z

Last Modified :

2025-06-18T18:27:38.799Z

Source :

cloudflare
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4820 vulnerability.

Vendors Products
Cloudflare
  • Quiche
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4820.

URL Resource
https://github.com/cloudflare/quiche/security/advisories/GHSA-2v9p-3p3h-w56j cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact