Vulnerability Affecting User Datagram Protocol Implementations

Published on 28 Mar 2024

Security researchers have disclosed a vulnerability (CVE-2024-2169) affecting implementations of User Datagram Protocol (UDP).

Successful exploitation of the vulnerability could allow an attacker to conduct loop denial-of-service (DoS) attacks through IP spoofing, causing two servers to continuously communicate with each other indefinitely over a protocol utilised by both servers.

The vulnerability affects implementations of UDP-based application protocols including Domain Name System, Network Time Protocol, Trivial File Transfer Protocol, Echo (RFC862), Chargen (RFC864), and QOTD (RFC865).

Users and administrators of products using vulnerable implementations of UDP are advised to update to the latest versions immediately.

Administrators may also wish to implement the following measures to protect their network from loop DoS attacks:
• Implement firewall rules and strict access control lists to prevent unauthorised access to applications
• Disable all UDP services that are not essential for business operations
• Deploy anti-spoofing measures to mitigate IP spoofing attacks
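A telemetry check that complements the measures above, added here as an example and not part of the advisory: it scans summarised UDP flow records for pairs of hosts exchanging high volumes of traffic with an affected service port on both ends and in both directions, which is the traffic shape a server-to-server loop leaves behind. The flow records and their text format are constructed for the example; the port numbers are the standard IANA assignments for the services the advisory lists.

```python
"""Flag UDP flows that look like a service-to-service loop between two hosts."""
from collections import defaultdict

# Well-known UDP ports of the services named in the advisory (IANA assignments).
LOOP_PRONE_PORTS = {7: "echo", 17: "qotd", 19: "chargen", 53: "dns", 69: "tftp", 123: "ntp"}

# Constructed flow records for this example (not real traffic):
# "src_ip src_port dst_ip dst_port packets", one summarised flow per line.
SAMPLE_FLOWS = [
    "203.0.113.5 51234 192.0.2.10 53 12",    # ordinary client query to a DNS server
    "192.0.2.10 53 203.0.113.5 51234 12",    # and the replies
    "192.0.2.10 19 198.51.100.20 7 4200",    # chargen server -> echo server, high volume
    "198.51.100.20 7 192.0.2.10 19 4180",    # echo server -> chargen server, high volume
    "192.0.2.10 123 198.51.100.30 123 5",    # NTP peer exchange, low volume
    "198.51.100.30 123 192.0.2.10 123 5",
]

def parse_flow(line):
    """Split one flow record into (src_ip, src_port, dst_ip, dst_port, packets)."""
    src_ip, src_port, dst_ip, dst_port, packets = line.split()
    return src_ip, int(src_port), dst_ip, int(dst_port), int(packets)

def find_loop_candidates(lines, min_packets=100):
    """Return host pairs whose traffic has a loop-prone service port on BOTH ends,
    flows in BOTH directions, and at least min_packets datagrams per direction."""
    flows = defaultdict(int)
    for line in lines:
        s_ip, s_port, d_ip, d_port, n = parse_flow(line)
        if s_port in LOOP_PRONE_PORTS and d_port in LOOP_PRONE_PORTS:
            flows[(s_ip, s_port, d_ip, d_port)] += n
    candidates, seen = [], set()
    for (s_ip, s_port, d_ip, d_port), n in flows.items():
        pair = frozenset([(s_ip, s_port), (d_ip, d_port)])
        reverse = flows.get((d_ip, d_port, s_ip, s_port), 0)
        if pair in seen or n < min_packets or reverse < min_packets:
            continue  # one-directional, low-volume, or already reported from the other side
        seen.add(pair)
        candidates.append({
            "hosts": (s_ip, d_ip),
            "services": (LOOP_PRONE_PORTS[s_port], LOOP_PRONE_PORTS[d_port]),
            "packets": (n, reverse),
        })
    return candidates

if __name__ == "__main__":
    for candidate in find_loop_candidates(SAMPLE_FLOWS):
        print(candidate)
```

Flagged pairs are candidates for investigation rather than confirmed loops, since some service-port-to-service-port exchanges (NTP peering, for instance) are legitimate; the packet threshold is what separates a busy loop from normal peer traffic.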

More information is available here: