Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
A malicious, compromised, or man-in-the-middle server can supply an arbitrarily
large PBKDF2 iteration count (the `i=` attribute of the SCRAM-SHA-256
server-first-message) during authentication. The client runs the key derivation
inline on the async executor with no upper bound on that count, pinning a tokio
worker thread for minutes per connection and possibly stalling the whole async
runtime.
Applications that connect only to a trusted database are not exposed; the risk
applies to clients that may connect to untrusted or user-supplied servers, or
whose connection can be intercepted by a man-in-the-middle.
See advisory page for additional details.
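The check the advisory implies is a client-side bound on the iteration count before any key derivation runs. The following is an added example, not code from postgres-protocol or tokio-postgres: it parses a SCRAM server-first-message, verifies the nonce, and rejects an iteration count outside an accepted range. The constant names, the error type and the upper cap of 1,000,000 are this example's own assumptions; the lower bound of 4096 is the RFC 7677 minimum, and the sample messages are the RFC 7677 example exchange plus a constructed hostile variant.

```rust
// Added example (not the crate's code): bound the SCRAM-SHA-256 iteration
// count on the client side before PBKDF2 is ever invoked.

/// RFC 7677 requires servers to use at least 4096 iterations for SCRAM-SHA-256.
pub const MIN_SCRAM_ITERATIONS: u32 = 4096;
/// Upper cap (assumed value for this example): generous for any real server,
/// but far below what is needed to pin a worker thread for minutes.
pub const MAX_SCRAM_ITERATIONS: u32 = 1_000_000;

#[derive(Debug, PartialEq, Eq)]
pub enum ScramError {
    Malformed(&'static str),
    NonceMismatch,
    IterationCountTooLow(u32),
    IterationCountTooHigh(u32),
}

#[derive(Debug, PartialEq, Eq)]
pub struct ServerFirst<'a> {
    pub nonce: &'a str,
    pub salt_b64: &'a str,
    pub iterations: u32,
}

/// Parse `r=<nonce>,s=<salt>,i=<iterations>` and validate it before deriving
/// anything. `client_nonce` is the nonce the client sent in its first message;
/// RFC 5802 requires the server nonce to start with it.
pub fn parse_server_first<'a>(
    msg: &'a str,
    client_nonce: &str,
) -> Result<ServerFirst<'a>, ScramError> {
    let (mut nonce, mut salt, mut iterations) = (None, None, None);
    for attr in msg.split(',') {
        let (key, value) = attr
            .split_once('=')
            .ok_or(ScramError::Malformed("attribute without '='"))?;
        match key {
            "r" => nonce = Some(value),
            "s" => salt = Some(value),
            "i" => {
                // Parse as u32 so an absurd count fails here instead of being
                // silently truncated, wrapped, or handed to PBKDF2.
                let n: u32 = value
                    .parse()
                    .map_err(|_| ScramError::Malformed("iteration count is not a u32"))?;
                iterations = Some(n);
            }
            // RFC 5802: an `m=` extension the client does not understand is fatal.
            "m" => return Err(ScramError::Malformed("unsupported mandatory extension")),
            _ => {} // optional extensions are ignored
        }
    }
    let nonce = nonce.ok_or(ScramError::Malformed("missing r="))?;
    let salt_b64 = salt.ok_or(ScramError::Malformed("missing s="))?;
    let iterations = iterations.ok_or(ScramError::Malformed("missing i="))?;

    if !nonce.starts_with(client_nonce) || nonce.len() == client_nonce.len() {
        return Err(ScramError::NonceMismatch);
    }
    if iterations < MIN_SCRAM_ITERATIONS {
        return Err(ScramError::IterationCountTooLow(iterations));
    }
    // This is the check whose absence the advisory describes: without it the
    // client would run PBKDF2 for whatever count the server names.
    if iterations > MAX_SCRAM_ITERATIONS {
        return Err(ScramError::IterationCountTooHigh(iterations));
    }
    Ok(ServerFirst { nonce, salt_b64, iterations })
}

fn main() {
    let client_nonce = "rOprNGfwEbeRWgbNEkqO"; // RFC 7677 example client nonce
    let honest = "r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,\
                  s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4096";
    // Constructed hostile message: same nonce and salt, hostile iteration count.
    let hostile = "r=rOprNGfwEbeRWgbNEkqO%hvYDpWUa2RaTCAfuxFIlj)hNlF$k0,\
                   s=W22ZaJ0SNY7soEsUEjb6gQ==,i=4000000000";
    println!("honest:  {:?}", parse_server_first(honest, client_nonce));
    println!("hostile: {:?}", parse_server_first(hostile, client_nonce));
}
```

The bound is the primary defense: moving the derivation onto a blocking thread (for example with `tokio::task::spawn_blocking`) keeps the async runtime responsive but still lets a hostile server burn a core per connection for as long as it likes.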
postgres-protocol 0.6.9 >=0.6.12 <0.3.0