Impact
Failing handshakes did not clean up the counters used for throttling. As a consequence, the threshold may be reached and never released again. This results in records being dropped permanently. The issue was reported for certificate-based handshakes, but it cannot be ruled out that it also happens for PSK-based handshakes. It generally affects both client and server.
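A minimal model of the failure mode described above, added here as an illustration and not taken from Californium's code: the class, the method names and the threshold of 3 are hypothetical. It puts a throttling counter that is released only on the success path beside a variant that releases it in `finally`.

```java
import java.util.concurrent.atomic.AtomicInteger;
// Illustrative model only: names and threshold are hypothetical, not Californium's.
public class HandshakeThrottle {
    interface Handshake { void run() throws Exception; }
    private final int threshold;
    private final AtomicInteger pending = new AtomicInteger();

    HandshakeThrottle(int threshold) { this.threshold = threshold; }

    // Leaky variant: the slot is released only when the handshake succeeds.
    // Returns false when the record is dropped by the throttle.
    boolean processLeaky(Handshake h) {
        if (pending.incrementAndGet() > threshold) {
            pending.decrementAndGet();
            return false;
        }
        try {
            h.run();
            pending.decrementAndGet();
        } catch (Exception e) {
            // Failure path never releases the slot, so the counter only grows.
        }
        return true;
    }

    // Corrected variant: the slot is released on every exit path.
    boolean processFixed(Handshake h) {
        if (pending.incrementAndGet() > threshold) {
            pending.decrementAndGet();
            return false;
        }
        try {
            h.run();
        } catch (Exception e) {
            // Handshake failed; the finally block still releases the slot.
        } finally {
            pending.decrementAndGet();
        }
        return true;
    }

    public static void main(String[] args) {
        Handshake failing = () -> { throw new Exception("constructed handshake failure"); };
        Handshake ok = () -> {};
        HandshakeThrottle leaky = new HandshakeThrottle(3);
        HandshakeThrottle fixed = new HandshakeThrottle(3);
        for (int i = 0; i < 3; i++) { leaky.processLeaky(failing); fixed.processFixed(failing); }
        System.out.println("leaky accepts next handshake: " + leaky.processLeaky(ok));
        System.out.println("fixed accepts next handshake: " + fixed.processFixed(ok));
    }
}
```

After three constructed failures the leaky variant drops every later record, including valid ones, while the corrected variant keeps accepting them.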
Patches
main: commit 726bac5
2.7.x: commit 5648a0c
Users are requested to update to 3.7.0. If Californium 2 support is required, users are requested to update to 2.7.4.
Workarounds
None.
For more information
Issue 2065
CWE 452