CVE-2025-54939 | litespeedtech LiteSpeed QUIC up to 4.3.0 lsquic_engine_packet_in allocation of resources

Inserito da Angelo Barbosa | Ago 1, 2025 | CVE

A vulnerability was found in litespeedtech LiteSpeed QUIC up to 4.3.0. It has been declared as problematic. This vulnerability affects the function lsquic_engine_packet_in. The manipulation leads to allocation of resources.

This vulnerability was named CVE-2025-54939. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-54939 | litespeedtech LiteSpeed QUIC up to 4.3.0 lsquic_engine_packet_in allocation of resources

Post correlati

CVE-2021-47178 | Linux Kernel up to 5.12.8 scsi smp_processor_id stack-based overflow (a20b6eaf4f35/70ca3c57ff91)

CVE-2024-42276 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 nvme-pci nvme_map_data null pointer dereference

CVE-2024-40988 | Linux Kernel up to 6.9.6 kv_dpm.c memory corruption

CVE-2024-23979 | F5 BIG-IP up to 15.1.8/16.1.3/17.1.0 Certificate allocation of resources (K000134516)