- Description
- LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- litespeed_web_adc, litespeed_web_server, lsquic, openlitespeed
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
QUIC-LEAK (CVE-2025-54939): New High-Risk Pre-Handshake Remote Denial of Service in LSQUIC QUIC Implementation https://t.co/PpGjUIicTx
@Dinosn
21 Aug 2025
2023 Impressions
7 Retweets
12 Likes
2 Bookmarks
0 Replies
0 Quotes
Unlike most QUIC bugs, CVE-2025-54939 hits before the handshake. An attacker can send just a few crafted packets and kill the server. Here is how it works 🧵 https://t.co/6LOYG8lC2c
@RonMasas
19 Aug 2025
274 Impressions
1 Retweet
4 Likes
2 Bookmarks
1 Reply
0 Quotes
QUIC-LEAK (CVE-2025-54939): New High-Risk Pre-Handshake Remote Denial of Service in LSQUIC QUIC Implementation https://t.co/hUr7KbShmW https://t.co/sp5BtAIJ2i
@RigneySec
19 Aug 2025
225 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2025-54939 Memory Leak Vulnerability in LiteSpeed QUIC Library Befor... https://t.co/yQ94mZ1y2X Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
1 Aug 2025
114 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54939 LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak. https://t.co/mZVWr7PZ2a
@CVEnew
1 Aug 2025
458 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_adc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "477DB91F-DF76-4029-9FFB-7F886FC47DE3",
"versionEndExcluding": "3.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAA03044-E04B-4985-B180-86C960778CB8",
"versionEndExcluding": "6.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:lsquic:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7BFC771-AE20-457D-A317-5CFBAE03522F",
"versionEndExcluding": "4.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EF7681-9F97-4AD1-9A93-673D9831B544",
"versionEndExcluding": "1.8.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]