Vendor

Libp2p

1 brief RSS

@libp2p/kad-dht Unvalidated PUT_VALUE Records Allow Unbounded Disk Exhaustion

An unauthenticated remote peer can exhaust the disk storage of any `@libp2p/kad-dht` node running in server mode by sending an unbounded stream of `PUT_VALUE` messages with crafted keys to bypass validation and cause disk exhaustion.

@libp2p/kad-dht libp2p kad-dht denial-of-service disk-exhaustion

2r 2t 1d ago