HIGH 7.5

CVE-2026-34183: OpenSSL QUIC PATH_CHALLENGE Heap Exhaustion Denial of Service

A vulnerability in OpenSSL's QUIC implementation allows a remote attacker to exhaust server or client memory by repeatedly sending specially crafted network packets called PATH_CHALLENGE frames. The QUIC stack responds to each one by allocating memory for a PATH_RESPONSE frame, but if the attacker never acknowledges these responses, the memory is never freed. An attacker can repeat this process until the application runs out of memory and crashes, causing a denial of service. This affects both QUIC clients and servers running vulnerable OpenSSL versions.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weaknesses (CWE)
CWE-1325
Affected products
2 configuration(s)
Published / Modified
2026-06-09 / 2026-06-17

NVD description (verbatim)

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATH_CHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QUIC client or server and a Denial of Service. A remote peer may exhaust heap memory by flooding the local QUIC stack with PATH_CHALLENGE frames. The local QUIC stack allocates a PATH_RESPONSE frame for every PATH_CHALLENGE it receives. The allocated PATH_RESPONSE frame gets freed only when the remote peer acknowledges reception of the PATH_RESPONSE frame which will not be done by a malicious peer. The FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this issue. The QUIC stack is outside of OpenSSL FIPS module boundary.

5 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-34183 is an unbounded memory allocation vulnerability in OpenSSL's QUIC implementation. When a QUIC peer receives a PATH_CHALLENGE frame, it allocates memory for a corresponding PATH_RESPONSE frame and transmits it. Under normal operation, this memory is released once the sender acknowledges receipt of the PATH_RESPONSE. However, a malicious peer can send PATH_CHALLENGE frames continuously without ever acknowledging the responses, causing the local QUIC stack to accumulate unfreed PATH_RESPONSE allocations. This results in heap exhaustion and process termination. The vulnerability is classified under CWE-1325 (Improperly Controlled Sequential Memory Allocation). Notably, the FIPS modules within OpenSSL 4.0, 3.6, 3.5, 3.4, and 3.0 are unaffected because the QUIC implementation exists outside the FIPS module boundary.

Business impact

Any service or application using OpenSSL's QUIC stack as a network-facing component faces denial of service risk. This includes modern applications adopting QUIC for improved performance and reliability, particularly in scenarios where the QUIC endpoint accepts untrusted connections (cloud services, public APIs, load balancers, VPNs, or CDN edge nodes). An attacker can trigger repeated service crashes without authentication, potentially disrupting critical communication channels. Recovery requires manual restart or automated restart mechanisms. Organizations using OpenSSL for QUIC connectivity should prioritize patching to prevent attackers from disrupting service availability.

Affected systems

OpenSSL versions containing QUIC implementation are affected. The vulnerability does not impact the FIPS-validated modules in OpenSSL 4.0, 3.6, 3.5, 3.4, and 3.0, as the QUIC stack is implemented outside the FIPS module boundary. Any deployment running OpenSSL's non-FIPS QUIC stack is vulnerable. This includes applications bundling OpenSSL, cloud platforms offering QUIC services, and edge computing environments where QUIC is enabled for external traffic.

Exploitability

This vulnerability is highly exploitable. The CVSS score of 7.5 (HIGH) reflects the attack vector: no authentication is required, the attack is network-based, and complexity is low. An attacker needs only network connectivity to the affected QUIC endpoint and the ability to send crafted packets—no special privileges or user interaction required. The attack is straightforward: repeatedly flood the target with PATH_CHALLENGE frames. The barrier to exploitation is minimal, making this vulnerability a practical denial of service vector. However, the vulnerability is not yet listed on the CISA Known Exploited Vulnerabilities (KEV) catalog, suggesting active in-the-wild exploitation has not been publicly disclosed at the time of publication.

Remediation

Apply OpenSSL patches issued for CVE-2026-34183 to affected versions. Consult the vendor advisory and patch notes to identify the minimum patched versions for your deployment. For applications embedding OpenSSL, ensure you update the OpenSSL library to a fixed version and recompile or redeploy the application. If immediate patching is not feasible, consider deploying network-level mitigations: limit the rate of incoming QUIC packets from untrusted sources, implement packet filtering to reduce PATH_CHALLENGE flood exposure, or temporarily disable QUIC if it is not essential. Monitor for memory exhaustion and process crashes as indicators of exploitation attempts.

Patch guidance

1. Identify all systems and applications running OpenSSL with QUIC enabled. 2. Check the OpenSSL version currently deployed (openssl version command on Unix/Linux). 3. Consult the OpenSSL security advisory for CVE-2026-34183 to identify the fixed version applicable to your branch (verify against the vendor advisory for exact version numbers). 4. Plan a phased deployment: test patched versions in a staging environment first, confirm QUIC functionality remains intact, then roll out to production. 5. For containerized or cloud-native deployments, rebuild container images with the patched OpenSSL version and redeploy. 6. Coordinate patching with any dependent applications or services that bundle OpenSSL. 7. After patching, perform a sanity check: run QUIC connectivity tests to ensure no regressions.

Detection guidance

Monitor for signs of exploitation: 1. Watch for rapid increases in memory consumption on services or processes using OpenSSL QUIC. 2. Track unexpected process restarts or crashes, especially for network-facing services. 3. Analyze network traffic for abnormally high volumes of QUIC PATH_CHALLENGE frames originating from a single or small set of sources. 4. Enable application-level logging in QUIC implementations to capture PATH_CHALLENGE/PATH_RESPONSE exchanges; anomalous patterns suggest attack activity. 5. Use system profiling tools (e.g., valgrind, heaptrack on Linux) to confirm memory leak patterns in QUIC stack behavior. 6. Set memory usage alerts on critical services; an unexplained spike may indicate an ongoing flood attack. 7. Correlate crash events with network packet captures to identify malicious QUIC traffic.

Why prioritize this

This vulnerability merits high priority due to its ease of exploitation, high impact (denial of service), and broad applicability to any OpenSSL-based QUIC deployment. Unlike vulnerabilities requiring specific configurations or user actions, this can be triggered by any network-accessible QUIC endpoint. The lack of authentication requirements and low technical complexity mean both opportunistic and targeted attackers can exploit it. However, as it is not yet on the KEV catalog, immediate emergency response is slightly less critical than for actively exploited vulnerabilities. Nonetheless, organizations running production QUIC services should schedule patching within 1–2 weeks, prioritizing internet-facing endpoints.

Risk score, explained

The CVSS v3.1 score of 7.5 (HIGH) is appropriate for this vulnerability. The attack vector is network-based (AV:N), attack complexity is low (AC:L), no privileges are required (PR:N), and no user interaction is needed (UI:N). The scope is unchanged (S:U). While confidentiality and integrity are unaffected (C:N, I:N), availability is severely impacted (A:H) due to heap exhaustion leading to denial of service. The score reflects a realistic threat: any network-accessible QUIC endpoint can be forced offline without any prerequisite access, making it a practical and damaging attack vector.

Frequently asked questions

Does this vulnerability affect OpenSSL's FIPS modules?

No. OpenSSL explicitly states that the FIPS modules in versions 4.0, 3.6, 3.5, 3.4, and 3.0 are unaffected because the QUIC stack implementation exists outside the FIPS module boundary. If your deployment uses only FIPS-validated cryptographic operations and does not enable QUIC, you are not directly exposed. However, if QUIC is enabled alongside FIPS mode, the QUIC implementation remains vulnerable.

Can this be exploited without network access?

No. The vulnerability requires the attacker to send network packets to a QUIC endpoint. However, no authentication is necessary—the attacker merely needs network-layer connectivity (direct or routed) to reach the target. This makes any internet-exposed QUIC service vulnerable to remote exploitation.

What should I do if I cannot patch immediately?

Implement compensating controls: rate-limit incoming QUIC packets from untrusted sources, use firewall rules to restrict QUIC traffic if not essential, monitor memory usage on QUIC-enabled processes, and enable automated restart mechanisms. Additionally, isolate QUIC services where possible and monitor for exploitation indicators such as unusual process crashes or memory spikes. Plan patching as soon as your maintenance window permits.

How can I tell if my application is vulnerable?

First, identify whether your application uses OpenSSL. If yes, check if QUIC support is enabled or compiled in (consult your application's documentation or configuration). If QUIC is enabled, verify the OpenSSL version using 'openssl version'. Cross-reference against the vendor advisory for CVE-2026-34183 to determine if your version is patched. If you are running a version released before the patch for this CVE, assume you are vulnerable until you confirm otherwise via the vendor advisory.

This analysis is provided for informational purposes to assist security professionals in vulnerability assessment and remediation planning. It is not a substitute for vendor advisories or your organization's security policies. Verify all patch version numbers, affected products, and mitigation strategies directly against the official OpenSSL security advisory and your specific environment's configuration. The timeline and availability of patches may vary by distribution channel and platform. Always test patches in a non-production environment before deployment. This information does not constitute legal or compliance advice. Consult your compliance team and vendor support for environment-specific guidance. Source: NVD (public-domain), retrieved 2026-07-15. Analysis generated by SEC.co (claude-haiku-4-5).