Novel DoS Vulnerability Affecting WebRTC Media Servers

Read Time:23 Second

Posted by Sandro Gauci via Fulldisclosure on Jul 03

Dear Colleagues,

We have published a new blog post discussing a novel Denial-of-Service (DoS) vulnerability affecting WebRTC media
servers.

## Executive summary (TL;DR)

A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP,
specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and
DTLS traffic and can be exploited…

containernetworking-plugins-1.5.1-2.fc40

FEDORA-2025-f87fe38331 Packages in this update: containernetworking-plugins-1.5.1-2.fc40 Update description: Resolve FTBFS and rhbz#2351926 Read More

March 29, 2025

matrix-synapse-1.111.1-4.fc40

FEDORA-2025-cef83410f7 Packages in this update: matrix-synapse-1.111.1-4.fc40 Update description: Backport fixes from v1.127.1 Read More

March 29, 2025

matrix-synapse-1.118.0-4.fc41

FEDORA-2025-cddcfd6518 Packages in this update: matrix-synapse-1.118.0-4.fc41 Update description: Backport fixes from v1.127.1 Read More

March 29, 2025

matrix-synapse-1.127.1-1.fc42

FEDORA-2025-63751ef564 Packages in this update: matrix-synapse-1.127.1-1.fc42 Update description: Update to v1.127.1 (CVE-2025-30355) Read More

March 29, 2025

cri-tools1.29-1.29.0-11.fc41

FEDORA-2025-37c6639afe Packages in this update: cri-tools1.29-1.29.0-11.fc41 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

March 29, 2025

cri-tools1.29-1.29.0-11.fc42

FEDORA-2025-adae8279e3 Packages in this update: cri-tools1.29-1.29.0-11.fc42 Update description: Resolve FTBFS Resolves: rhbz#2352149 Adopt trivy for license detection to be consistent...

March 29, 2025

Friday Squid Blogging: Squid Werewolf Hacking Group

Solar Power System Vulnerabilities Could Result in Blackouts

Nine in Ten Healthcare Organizations Use the Most Vulnerable IoT Devices

VanHelsing ransomware: what you need to know

Trump CISA Cuts Threaten US Election Integrity, Experts Warn

Morphing Meerkat PhaaS Platform Spoofs 100+ Brands

AIs as Trusted Third Parties

CoffeeLoader Malware Loader Linked to SmokeLoader Operations

When Getting Phished Puts You in Mortal Danger

Novel DoS Vulnerability Affecting WebRTC Media Servers

containernetworking-plugins-1.5.1-2.fc40

matrix-synapse-1.111.1-4.fc40

matrix-synapse-1.118.0-4.fc41

matrix-synapse-1.127.1-1.fc42

cri-tools1.29-1.29.0-11.fc41

cri-tools1.29-1.29.0-11.fc42