CVE-2026-35405
Received - Intake
Unrestricted Namespace Registration in libp2p-rust Causes OOM

Publication date: 2026-04-07

Last updated on: 2026-04-24

Assigner: GitHub, Inc.

Description
libp2p-rust is the official Rust-language implementation of the libp2p networking stack. Prior to 0.17.1, the libp2p-rendezvous server has no limit on how many namespaces a single peer can register. A malicious peer can just keep registering unique namespaces in a loop, and the server happily accepts every single one, allocating memory for each registration with no pushback. Keep doing this long enough (or with multiple sybil peers) and the server process gets OOM killed. This vulnerability is fixed in 0.17.1.
Meta Information
Published
2026-04-07
Last Modified
2026-04-24
Generated
2026-05-07
AI Q&A
2026-04-07
EPSS Evaluated
2026-05-05
Affected Vendors & Products
1 associated CPE: vendor protocol, product libp2p, versions up to 0.17.1 (excluding)
CWE-770 (Allocation of Resources Without Limits or Throttling): The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-35405 is a denial-of-service (DoS) vulnerability in the libp2p-rendezvous Rust library versions prior to 0.17.1. The vulnerability exists because the rendezvous server does not limit how many unique namespaces a single peer can register.

A malicious peer can repeatedly register unique namespaces in a loop, and the server will accept each registration, allocating memory for every one without any restriction. Since each registration consumes memory and persists for up to 72 hours, this can cause the server's memory usage to grow uncontrollably.

Eventually, this leads to the server running out of memory and being killed by the operating system (OOM killed), causing a denial of service. This attack requires no special privileges or authentication and can be performed by simply opening a connection and sending REGISTER requests.


How can this vulnerability impact me?

This vulnerability can cause a denial of service on any rust-libp2p-based project running a rendezvous server by exhausting the server's memory resources.

  • A malicious peer can register tens of thousands of unique namespaces, causing the server to allocate excessive memory.
  • The server process can be terminated by the operating system due to out-of-memory conditions, leading to service unavailability.
  • Multiple malicious or sybil peers can amplify the attack, potentially consuming gigabytes of memory and causing widespread disruption.

Overall, this results in high impact on availability of the rendezvous server, which is critical for peer discovery in libp2p networks.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring the libp2p-rendezvous server for unusually high memory usage and an excessive number of unique namespace registrations from a single peer or multiple peers.

Since the attack involves a peer repeatedly sending REGISTER requests with unique namespaces, network traffic analysis can help identify such behavior by capturing and inspecting REGISTER messages.

Commands to detect this might include:

  • Using system monitoring tools like 'top' or 'htop' to observe memory usage spikes of the rendezvous server process.
  • Using 'netstat' or 'ss' to check for a large number of connections to the rendezvous server.
  • Using packet capture tools like 'tcpdump' or 'wireshark' to filter and analyze REGISTER requests to the rendezvous server port.
  • If the server logs registrations, reviewing logs for peers registering tens of thousands of unique namespaces.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the libp2p-rust rendezvous server to version 0.17.1 or later, where the vulnerability is fixed by enforcing a configurable maximum number of registrations per peer.

Until the upgrade can be applied, consider implementing network-level protections such as rate limiting or connection limiting to reduce the impact of malicious peers registering excessive namespaces.

Additionally, monitoring and alerting on abnormal memory usage or excessive registration activity can help detect and respond to ongoing attacks.
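The fix described above (a configurable maximum number of registrations per peer) and the monitoring suggestion can both be illustrated with a small in-memory model. The following Rust program is an added example written for this page; it is not code from rust-libp2p, and the `Registrations` type, the `DEFAULT_MAX_REGISTRATIONS_PER_PEER` value and the namespace names are constructed for illustration. Passing `None` as the cap reproduces the pre-0.17.1 behaviour, where a single peer's loop over unique namespaces grows the table without bound; passing a limit makes every registration past the cap fail instead of allocating, while `peers_over` exposes the per-peer counts a defender would alert on.

```rust
use std::collections::{HashMap, HashSet};

/// Default per-peer cap used by this example. The value is an assumption for
/// illustration; it is not the limit that rust-libp2p ships.
pub const DEFAULT_MAX_REGISTRATIONS_PER_PEER: usize = 100;

/// Error returned when a peer tries to exceed its registration budget.
#[derive(Debug, PartialEq, Eq)]
pub enum RegisterError {
    TooManyRegistrations { peer: String, limit: usize },
}

/// Toy in-memory registration table: peer id -> set of registered namespaces.
/// Constructed for this example; it is not the rendezvous crate's data structure.
pub struct Registrations {
    /// `None` reproduces the pre-0.17.1 behaviour: no cap, unbounded growth.
    max_per_peer: Option<usize>,
    by_peer: HashMap<String, HashSet<String>>,
}

impl Registrations {
    pub fn new(max_per_peer: Option<usize>) -> Self {
        Registrations { max_per_peer, by_peer: HashMap::new() }
    }

    /// Record `namespace` for `peer`. Returns the peer's registration count on
    /// success. Re-registering a namespace the peer already holds refreshes it
    /// and allocates nothing; only a *new* namespace is checked against the cap.
    pub fn register(&mut self, peer: &str, namespace: &str) -> Result<usize, RegisterError> {
        let limit = self.max_per_peer;
        let set = self.by_peer.entry(peer.to_string()).or_default();
        if set.contains(namespace) {
            return Ok(set.len());
        }
        if let Some(limit) = limit {
            if set.len() >= limit {
                // This is the pushback the vulnerable versions lack.
                return Err(RegisterError::TooManyRegistrations { peer: peer.to_string(), limit });
            }
        }
        set.insert(namespace.to_string());
        Ok(set.len())
    }

    /// Remove one registration; returns whether anything was removed.
    pub fn unregister(&mut self, peer: &str, namespace: &str) -> bool {
        match self.by_peer.get_mut(peer) {
            Some(set) => set.remove(namespace),
            None => false,
        }
    }

    /// Total registrations held: the quantity that grows without bound when no cap is set.
    pub fn total(&self) -> usize {
        self.by_peer.values().map(HashSet::len).sum()
    }

    /// Monitoring helper: peers holding at least `threshold` registrations,
    /// highest count first. This is the signal the advisory suggests alerting on.
    pub fn peers_over(&self, threshold: usize) -> Vec<(String, usize)> {
        let mut out: Vec<(String, usize)> = self
            .by_peer
            .iter()
            .filter(|(_, set)| set.len() >= threshold)
            .map(|(peer, set)| (peer.clone(), set.len()))
            .collect();
        out.sort_by(|a, b| b.1.cmp(&a.1).then(a.0.cmp(&b.0)));
        out
    }
}

/// Drives `attempts` REGISTER calls with distinct namespaces from one peer, the
/// pattern the advisory describes, and reports (accepted, rejected).
pub fn simulate_registration_loop(reg: &mut Registrations, peer: &str, attempts: usize) -> (usize, usize) {
    let mut accepted = 0;
    let mut rejected = 0;
    for i in 0..attempts {
        match reg.register(peer, &format!("ns-{i}")) {
            Ok(_) => accepted += 1,
            Err(_) => rejected += 1,
        }
    }
    (accepted, rejected)
}

fn main() {
    // Vulnerable configuration: every one of the 10,000 registrations is stored.
    let mut unbounded = Registrations::new(None);
    let (acc, rej) = simulate_registration_loop(&mut unbounded, "peer-a", 10_000);
    println!("unbounded: accepted={acc} rejected={rej} held={}", unbounded.total());

    // Fixed configuration: the table stops growing at the cap.
    let mut capped = Registrations::new(Some(DEFAULT_MAX_REGISTRATIONS_PER_PEER));
    let (acc, rej) = simulate_registration_loop(&mut capped, "peer-b", 10_000);
    println!("capped:    accepted={acc} rejected={rej} held={}", capped.total());
    println!("peers at cap: {:?}", capped.peers_over(DEFAULT_MAX_REGISTRATIONS_PER_PEER));
}
```

The cap is enforced only for namespaces the peer does not already hold, so a well-behaved peer that periodically re-registers the same namespaces to refresh them is never rejected; only the growth of distinct entries is bounded. Sizing the real limit is a deployment decision: it must cover the largest legitimate number of namespaces one peer needs while keeping the worst case (limit times the number of concurrent peers, times per-registration memory) within the server's budget.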

